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CLAIMS 

1 . An authentication apparatus for authenticating 
a transaction performed between at least two parties via 
a network, 

said authentication apparatus comprising: 

a first receiving means for receiving a first 
request including personal key information of a first 
transactor and information indicating a transaction 
content from said first transactor, 

a first authenticating means for authenticating 
a legitimacy of said first transactor based on said 
personal key information included in said first request 
and generating first authentication information, 

a first transmitting means for transmitting a 
second request including information obtained by deleting 
the personal key information of said first transactor 
from said first request and said first authentication 
inf oirmation to said second transactor, 

a second receiving means for receiving a reply 
with respect to said second request from said second 
transactor , 

a second authenticating means for 
authenticating the legitimacy of said second transactor 
and generating second authentication information in 
accordance with said reply, and 
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a second transmitting means for transmitting 
said second authentication information to said first 
transactor . 

2 . An authentication system for authenticating a 
5 transaction performed between at least two parties via a 
network , 

said authentication system comprising: 
a first communication apparatus used by a first 
transactor , 

10 a second communication apparatus used by a 

second transactor, and 

an authentication apparatus for authenticating 
said transaction, 
wherein 

15 said authentication apparatus comprises 

a first receiving means for receiving a first 
request including personal key infoirmation of the first 
transactor and information indicating transaction content 
from said first transactor, 

20 a first authenticating means for authenticating 

a legitimacy of said first transactor based on said 
personal key information included in said first recpiest 
and generating first authentication information, 

a first transmitting means for transmitting a 

25 second request including information obtained by deleting 



the personal key information of said first transactor 
from said first request and said first authentication 
information to said second transactor, 

a second receiving means for receiving a reply 
5 with respect to said second request from said second 
transactor, 

a second authenticating means for 
authenticating the legitimacy of said second transactor 
and generating second authentication information in 
10 accordance with said reply, and 

a second transmitting means for transmitting 
the second authentication information indicating the 
legitimacy of said transaction to said first transactor. 
3 . An authentication method for authenticating a 
15 transaction performed between at least two parties via a 
network, , 

said authentication method comprising the steps 

of: 

receiving a first request including personal 
20 key information of a first transactor and information 
indicating transaction content from said first 
transactor , 

authenticating a legitimacy of said first 
transactor based on said personal key information 
25 included in said first request and generating first 



authentication information, 

transmitting a second request including 
information obtained by deleting the personal key 
information of said first transactor from said first 
5 request and said first authentication information to said 
second transactor, 

receiving a reply with respect to said second 
request from said second transactor, 

authenticating a legitimacy of said second 
10 transactor in accordance with said reply and generating 
second authentication information, and 

transmitting said second authentication 
information to said first transactor. 

4 . An authentication apparatus for authenticating 
15 a transaction performed between at least two parties via 
a network , ^ 

said authentication apparatus comprising: 
a first receiving means for receiving a first 
request including personal identification information of 
20 a first transactor and information indicating transaction 
content from said first transactor, 

a first authenticating means for authenticating 
a legitimacy of said first transactor and generating a 
first authentication information in response to said 
25 first request. 



a first transmitting means for transmitting a 
second request including said first authentication 
information and information indicating content of said 
transaction to a second transactor, 
5 a second receiving means for receiving a reply 

with respect to said second request from said second 
transactor , 

a second authenticating means for 
authenticating a legitimacy of said second transactor in 
10 accordance with said reply and generating second 
authentication information, and 

a second transmitting means for transmitting 
said second authentication information to said first 
transactor . 

15 5. An authentication apparatus as set forth in 

claim 4 , wherein < 

said first receiving means receives said first 

request further including the personal key information of 

said first transactor, and 
20 said first authenticating means authenticates 

the legitimacy of said first transactor based on said 

personal key information . 

6 . An authentication apparatus as set forth in 

claim 5, wherein said personal key information of said 
2 5 first transactor is information relating to the charging 



- 6 - 



of said first transactor. 

7 . An authentication apparatus as set forth in 
claim 6, wherein said first transmitting means transmits 
the second request further including said personal key 

5 infojrmation of said first transactor to said second 
transactor . 

8 . An authentication apparatus as set forth in 
claim 4 , further comprising a decrypting means for 
decrypting said received first request when said first 

10 request is encrypted. 

9 . An authentication apparatus as set forth in 
claim 4 , further comprising an encrypting means for 
encrypting said second request. 

10 . An authentication apparatus as set forth in 
15 claim 4, further comprising a decrypting means for 

decrypting said received reply when said reply is 
encrypted. 

11. An authentication apparatus as set forth in 
claim 4 , further comprising an encr3fpting means for 

20 encsrypting said second authentication information. 

12 . An authentication system for authenticating a 
transaction performed between at least two parties via a 
network, 

said authentication system comprising: 
25 a first communication apparatus used by a first 
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transactor , 

a second communication apparatus used by a 
second transactor, and 

an authentication apparatus for authenticating 
5 said transaction, 

wherein 

said first communication apparatus transmits a 
first request including personal identification 
information of the first transactor and information 
10 indicating the transaction content to said authentication 
apparatus , and 

said authentication apparatus comprises: 
a first receiving means for receiving said 
first reqpiest from said first transactor, 
15 a first authenticating means for authenticating 

a legitimacy of said first transactor ^nd generating 
first authentication information in response to said 
first request, 

a first transmitting means for transmitting a 
2 0 second recpiest including said first authentication 

information and the content of said transaction to said 
second transactor, 

a second receiving means for receiving a reply 
with respect to said second request from said second 
2 5 transactor. 



a second au'thent:±cat:±ng means for 
authenticating a legitimacy of said second transactor and 
generating second authentication information in response 
to said reply, and 
5 a second transmitting means for transmitting 

said second authentication information to said first 
transactor . 

13. An authentication method for authenticating a 
transaction performed between at least two parties via a 
10 network, 

said authentication method comprising the steps 

of: 

receiving a first request including personal 
identification information of a first transactor and 
15 information indicating transaction content from said 
first transactor, ^ 

authenticating a legitimacy of said first 
transactor and generating first authentication 
information in response to said first request, 
20 transmitting a second request including said 

first authentication information and the content of said 
transaction to a second transactor, 

receiving a reply with respect to said second 
request from said second transactor, 
25 authenticating a legitimacy of said second 



transactor in accordance with said reply and generating 
second authentication information, and 

transmitting said second authentication 
information to said first transactor. 
5 14. An authentication apparatus holding infoirmation 

relating to a first transactor and authenticating a 
transaction between said first transactor and a second 
transactor performed via a network while communicating 
with another authentication apparatus holding infoirmation 

10 relating to said second transactor, 

said authentication apparatus comprising: 
a transmitting and receiving means for 
transmitting a second request including information 
specifying said second transactor in response to a first 

15 request from said first transactor including information 
indicating said transaction content and infoarmation 
specifying said second transactor to said second 
authentication apparatus , receiving first signature 
information indicating an authentication result by said 

20 second authentication apparatus in response to said 

second request, transmitting a third request including 
infoirmation relating to said transaction content included 
in said first request and said first signature 
information to an apparatus used by said second 

25 transactor, and receiving a predetermined reply from an 
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apparatus used by said second transactor in response to 
the related third request, 

a storage means for storing a log of said 
transaction when receiving said predetermined reply, and 
5 a signature producing means for producing 

second signature information to be transmitted to the 
apparatus used by said first transactor via said 
transmitting and receiving means when receiving said 
predetermined reply and indicating the authentication 
10 result of the legitimacy of said transaction. 

15 . An authentication apparatus as set forth in 
claim 14, further comprising an encrypting means, and 

wherein 

said transmitting and receiving means receives 
15 an encryption key used for the communication with said 
second transactor from said other authentication 
apparatus in response to said second request and 
transmits the information relating to said transaction 
content encrypted by using said encryption key at said 
20 encrypting means and said first signature information to 
the apparatus used by said second transactor . 

16. An authentication apparatus as set forth in 
claim 14 , wherein 

said transmitting and receiving means receives 
2 5 said predetermined reply including the identification 
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information used for identifying said second transactor 
by said other authentication apparatus from the apparatus 
used by said second transactor, and 

said storage means stores a log of said 
5 transactions generated by using said identification 
information . 

17 . An authentication apparatus as set forth in 
claim 14, wherein said transmitting and receiving means 
transmits the third request including information other 

10 than the information relating to the charging of said 
first transactor in the information relating to said 
transaction content included in said first request and 
said first signature information to the apparatus used by 
said second transactor . 

15 18 . An authentication apparatus as set forth in 

claim 14, wherein said transmitting and receiving means 
transmits the third request including the information 
relating to said transaction content included in said 
first request, said first signature information, and the 

20 encryption key used for the communication with the 

related authentication apparatus to the apparatus used by 
said second transactor . 

19 . An authentication apparatus as set forth in 
claim 14, further comprising a charge processing means 

25 for the charge processing for the authentication relating 
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to said transaction. 

20. An authentication apparatus as set forth in 
claim 14, wherein said charge processing means performs 
processing for determining a rate of the charge for the 

5 authentication relating to said transaction with said 
other authentication apparatus . 

21. An authentication apparatus as set forth in 
claim 14, wherein said transmitting and receiving means 
receives said predetermined reply from the apparatus used 

10 by said second transactor when said second transactor 
confirms the legitimacy of said first signature 
information and agrees to the related transaction . 

22 . An authentication apparatus as set forth in 
claim 14, wherein said receiving means sends said second 

15 signature information to the apparatus used by said 
second transactor . ^ 

23 . An authentication system for authenticating a 
transaction performed between at least two parties via a 
network , 

20 said authentication system comprising: 

a first authentication apparatus for 
authenticating a transaction relating to a first 
transactor and 

a second authentication apparatus for 
2 5 authenticating a transaction relating to a second 
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transactor , 

wherein 

said first authentication apparatus transmits a 
second request including information specifying said 
5 second transactor to saici second authentication apparatus 
in response to a first request by said first transactor 
including information indicating said transaction content 
and information specifying said second transactor, 
receives first signature information from said second 

10 authentication apparatus in response to said second 

request, transmits a third request including information 
relating to said transaction content included in said 
first request and said first signature information to the 
apparatus used by said second transactor, stores a log of 

15 said transaction when receiving a predetennined reply 
from said second transactor in response to the related 
third request, and provides second signature information 
for authenticating a legitimacy of said transaction to 
said first transactor. 

20 24. An authentication method for authenticating a 

transaction between a first transactor and a second 
transactor performed via a network by using a first 
authentication apparatus for authenticating a transaction 
relating to the first transactor and a second 

25 authentication apparatus for authenticating a transaction 
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relating to the second transactor, 

said authentication method comprising the steps 

of: 

issuing a first request including information 
5 indicating said transaction content and inf oarmation 
specifying said second transactor from said first 
transactor to said first authentication apparatus, 

transmitting a second request including the 
infoirmation specifying said second transactor from said 
10 first authentication apparatus to said second 

authentication apparatus in response to said first 
request, 

transmitting first signature information 
indicating the authentication result by the related 
15 second authentication apparatus to said first 

authentication apparatus from said second authentication 
apparatus in response to said second request, 

transmitting a third request including the 
information relating to said transaction content included 
20 in said first request and said first signature 

information from said first authentication apparatus to 
an apparatus used by said second transactor, 

issuing a predetermined reply from the 
apparatus used by said second transactor to said first 
2 5 authentication apparatus in response to the related third 



- 15 - 



request: and, 

in accordance with said predetermined reply, 
storing a log of said transaction, producing second 
signature information indicating the authentication 
5 result of the legitimacy of said transaction, and 

transmitting the related second signature information to 
the apparatus used by said first transactor by said first 
authentication apparatus . 

25 . An authentication method as set forth in claim 
10 24, further comprising the steps of: 

sending an encryption key for use in 
communication with said second transactor from said 
second authentication apparatus to said first 
authentication apparatus in accordance with said second 

15 request and 

having said first authentication apparatus 
encrypt said information relating to transaction content 
and said first signature information using said 
encryption key, then send them to the apparatus used by 

20 said second transactor. 

26. An authentication method as set forth in claim 
24, further comprising the steps of having said first 
authentication apparatus receive said predetermined reply 
including identification information for use by said 

25 second authentication apparatus in identifying said 
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second transactor from the apparatus used by said second 
transactor and store a log of said transaction generated 
using said identification information. 

27. An authentication method as set forth in claim 
5 24, further comprising tlie steps of sending a third 

request including inf oannation other than the information 
relating to the charging of said first transactor in the 
information relating to said transaction content included 
in said first request and said first signature 
10 information from the first authentication apparatus to 
the apparatus used by said second transactor . 

28. An authentication method as set forth in claim 
24, further comprising the steps of sending a third 
request including information relating to the charging of 

15 said first transactor included in said first request, 

said first signature information, and an encryption key 
for use in communication with said authentication 
apparatus from the first authentication apparatus to the 
apparatus used by said second transactor . 

20 29. An authentication method for authenticating a 

transaction between a first transactor and a second 
transactor performed via a network by using a first 
authentication apparatus for authenticating a transaction 
relating to the first transactor and a second 

25 authentication apparatus for authenticating a transaction 
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relating to the second transactor, 

said authentication method comprising the steps 

of: 

issuing a first request including information 
5 indicating said transaction content, personal key 

information of said first transactor, and information 
specifying said second transactor from said first 
transactor to said first authentication apparatus, 

transmitting a second request obtained by 
10 deleting said personal key from said first request from 
said first authentication apparatus to said second 
authentication apparatus in response to said first 
request, 

transmitting a third request including 
15 information indicating the content of said transaction 
from said second authentication apparatus to the 
apparatus used by said second transactor in response to 
said second request, 

transmitting a first reply from the apparatus 
20 used by said second transactor to said second 

authentication apparatus in response to said third 
request, 

transmitting a second reply including payment 
method infoirmation indicating a payment method to said 
25 second transactor from said second authentication 
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apparatus to said first authentication apparatus in 
accordance with said first reply, and 

managing a payment relating to said transaction 
between said first transactor and said second transactor 
5 based on said payment method info2:mation by said first 
authentication apparatus . 

30 . An authentication method as set forth in claim 
29, wherein said first authentication apparatus performs 
processing for receiving a payment from said first 

10 transactor relating to said transaction, processing for 
paying a part of said payment to said second transactor 
in accordance with said transaction, and processing for 
receiving a remainder of said payment as a fee . 

31 . An authentication method as set forth in claim 
15 29, wherein said first authentication apparatus inquires 

to said second authentication apparatus whether or not 
said second transactor has contracted with said second 
authentication apparatus in response to said first 
request and, when receiving an answer indicating it has 
20 contracted with it from said second authentication 

apparatus, transmits said second request to said second 
authentication apparatus . 

32 . An authentication method as set forth in claim 
29, wherein when receiving said second reply, said first 

2 5 authentication apparatus transmits a third reply 
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including signature information including the result of 
authentication perfo2nned by the related first 
authentication apparatus for said transactor to the 
apparatus used by said first transactor. 
5 33 . An authentication apparatus holding information 

relating to a first transactor and authenticating a 
transaction between said first transactor and a second 
transactor performed via a network while communicating 
with another authentication apparatus holding information 

10 relating to said second transactor, 

said authentication apparatus comprising: 
a receiving means for receiving a first request 
including information indicating said transaction 
content, personal key information of said first 

15 transactor, and information specifying said second 

transactor from said first transactor and receiving a 
reply including payment method information indicating a 
payment method to said second transactor from said other 
authentication apparatus , 

20 a transmitting means for transmitting a second 

request obtained by deleting said personal key from said 
first request to said other authentication apparatus in 
response to said first request, and 

a charging means for managing a payment 

25 relating to said transaction between said first 
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transactor and said second transactor based on said 
payment method information. 

34 . An authentication apparatus as set forth in 
claim 33, wherein said charging means performs processing 
5 for receiving a payment from said first transactor 

relating to said transaction, processing for paying a 
part of said payment to said second transactor in 
accordance with said transaction, and processing for 
receiving a remainder of said payment as a fee. 

10 35. An authentication apparatus as set forth in 

claim 33, wherein said transmitting means inquires to 
said other authentication apparatus whether or not said 
second transactor has contracted with said second 
authentication apparatus in response to said first 

15 request and, when receiving an answer indicating it has 
contracted with it from said other authentication 
apparatus, transmits said second request to said other 
authentication apparatus . 

36. An authentication apparatus as set forth in 

20 claim 33, wherein when said receiving means receives said 
second reply, said transmitting means transmits a reply 
including signature information including the result of 
authentication performed by itself for said transactor to 
the apparatus used by said first transactor. 

25 37 . An authentication apparatus as set forth in 



- 21 - 



claim 36, wherein said transmitting means encrypts said 
reply by using a secret key corresponding to the related 
first authentication apparatus and transmits the same to 
the apparatus used by said first transactor. 
5 38. An authentication apparatus as set forth in 

claim 33, wherein said transmitting means transmits said 
second request further including the signature 
information indicating the result of authentication 
performed by the related, first authentication apparatus 
10 for said transaction to said other authentication 
apparatus . 

39. An authentication system comprising a first 
authentication apparatus for authenticating a transaction 
relating to a first transactor and a second 
15 authentication apparatus for authenticating a transaction 
relating to a second transactor and authenticating a 
transaction between said first transactor and said second 
transactor perf oinned via a network , 

said authentication system comprising the steps 

20 of: 

issuing a first request including information 
indicating said transaction content, personal key 
information of said first transactor, and information 
specifying said second transactor from said first 
25 transactor to said first authentication apparatus. 
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transmitting a second request obtained by 
deleting said personal key from said first request from 
said first authentication apparatus to said second 
authentication apparatus in response to said first 
5 request, 

transmitting a third request including the 
information indicating the content of said transaction 
from said second authentication apparatus to the 
apparatus used by said second transactor in response to 
10 said second request, 

transmitting a first reply from an apparatus 
used by said second transactor to said second 
authentication apparatus in response to said third 
request, 

15 transmitting a second reply including payment 

method information indicating a payment method to said 
second transactor from said second authentication 
apparatus to said first authentication apparatus in 
accordance with said first reply, and 

20 managing a payment relating to said transaction 

between said first transactor and said second transactor 
based on said payment method information by said first 
authentication apparatus . 

40. An authentication method comprising the steps 

25 of: 
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having an authentication apparatus divide 
authentication information of a user into first 
authentication information and second authentication 
inf oirmation , 

5 providing a portable memory device storing said 

second authentication inf oarmation to said user , 

transmitting an authentication information 
request from a terminal capable of accessing said 
portable memory device to said authentication apparatus , 
10 transmitting said first authentication 

information from said authentication apparatus to said 
terminal when said authentication apparatus decides said 
authentication information request is by a legitimate 
user, and 

15 having said terminal restore said 

authentication information by using said first 
authentication information received from said 
authentication apparatus and said second authentication 
information read from said portable memory device. 

20 41. An authentication method comprising the steps 

of: 

generating authentication information, 
dividing said authentication information into 
first authentication information and second 
2 5 authentication information. 
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providing a portable memory device storing said 
second authentication information to a user, and 
transmitting said first authentication 
information to a transmission destination designated by 
5 said authentication information request when deciding 
that the received authentication information request is 
by a legitimate user . 

42 . An authentication method as set forth in claim 
41, further comprising the steps of: 

10 storing in advance transmission destination 

information corresponding to the user and 

deciding that said authentication information 

request is by a legitimate user when said transmission 

destination information included in said authentication 
15 information reqpaest is present in said stored 

transmission destination information. , 

43. An authentication method as set forth in claim 
41, wherein said authentication information is 
information produced using public key encryption. 

20 44. An authentication method as set forth in claim 

41, wherein said portable memory device is a smart card. 
45. An authentication apparatus comprising: 
a controlling means for generating 
authentication information, dividing said authentication 
25 information into first authentication information and 
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second authentication information, and deciding whether 
or not the received authentication information request is 
by a legitimate user, 

a writing means for writing said second 
5 authentication information into a portable memory device, 
a receiving means for receiving said 
authentication information request from a user of said 
portable memory device, and 

a transmitting means for transmitting said 
10 first authentication information to a transmission 

destination designated by said authentication information 
request when it is decided that said authentication 
information request is by a legitimate user. 

46. An authentication apparatus as set forth in 
15 claim 45, further comprising 

a storage means for storing in advance 
transmission destination information corresponding to the 
user is further provided and 
wherein 

20 said controlling means decides that said 

authentication information request is by a legitimate 
user when said transmission destination information 
included in said authentication information request is 
present in said stored transmission destination 

25 information. 
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47. An authentication apparatus as set forth in 
claim 45, wherein said authentication information is 
information produced using public key encr3^tion. 

48. A communication apparatus comprising: 

5 a receiving means for receiving a request 

including personal identification information for 
identifying a user, 

a storage means for storing said personal 
identification information and information of a 
10 transmission destination for transmitting a processing 
result in correspondence, 

a processing means for performing predetermined 
processing in response to said request, and 

a transmitting means for reading information of 
15 said transmission destination corresponding to said 
personal identification information in<?luded in said 
request from said storage means and transmitting the 
result of said processing to the transmission destination 
specified by the related read inf oinnation of said 
20 transmission destination. 

49. A communication apparatus as set forth in claim 
48 , wherein 

said receiving means receives a request 
including encrypted personal identification information , 
2 5 and 
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said communication apparatus further comprises 
a decrypting means for decrypting said personal 
identification information included in said received 
request. 

5 50. A communication apparatus as set forth in claim 

48, wherein said personal identification information is 
an identifier assigned to the user registered in the 
communication apparatus in advance. 

51. A communication apparatus as set forth in claim 

10 48, wherein the information of the transmission 
destination for transmitting the result of said 
processing is information provided by the transmitting 
side of said request to the related communication 
apparatus off-line . 

15 52 . A communication apparatus as set forth in claim 

48, wherein the information of the transmission 
destination for transmitting said predetermined result is 
personal identification information for unambiguously 
identifying said user in the network with the related 

20 communication apparatus connected thereto. 

53 . A communication apparatus as set forth in claim 
48, wherein said processing is authentication processing. 

54. A communication system comprising 

a first communication apparatus and 
2 5 a second communication apparatus connected via 
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a network, wherein 

said first communication apparatus comprises : 

a first receiving means for receiving a request 
including personal identification information for 
5 identifying a user, 

a storage means for storing said personal 
identification information and information of a 
transmission destination for transmitting a processing 
result in correspondence , 
10 a processing means for performing predetermined 

processing in response to said request, and 

a first transmitting means for reading the 
information of said transmission destination 
corresponding to said personal identification information 
15 included in said request from said storage means and 
transmitting the result of said processing to the 
transmission destination specified by the related read 
information of said transmission destination and wherein 

said second communication apparatus comprises : 
20 a second transmitting means for transmitting 

said request to said first communication apparatus, 

a second receiving means for receiving the 
result of said processing from said first communication 
apparatus , and 

25 an outputting means for outputting the result 
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of the related received authentication processing. 

55. A communication method using a first 
communication apparatus and a second communication 
apparatus connected via a network, 

5 said communication method comprising the steps 

of: 

transmitting a request including personal 
identification information for identifying a user from 
said second communication apparatus to said first 

10 communication apparatus, 

having said first communication apparatus 
perform predetermined processing in response to said 
request, and 

having said first communication apparatus refer 

15 to a correspondence of said personal identification 

information and information of a transmission destination 
for transmitting the result of the processing produced in 
advance and transmit a result of said processing to the 
transmission destination specified by information of the 

20 transmission destination corresponding to said personal 
identification information included in said request. 

56. A communication method as set forth in claim 
55, further comprising the step of having said second 
communication apparatus output the results of said 

2 5 processing received from said first communication 
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apparatus . 

57. A communication method as set forth in claim 
55, further comprising the step of having said first 
communication apparatus receive said request including 

5 encrypted personal identification information and decrypt 
said personal identification information included in said 
received reply . 

58. A communication method as set forth in claim 
55, wherein said personal identification information is 

10 an identifier assigned to a user registered at said first 
communication apparatus in advance . 

59. A communication method as set forth in claim 
55, wherein the information of the transmission 
destination for transmitting the result of said 

15 processing is information provided by the transmitting 
side of said request to the related fi?:st communication 
apparatus off-line . 

60 . A communication method as set forth in claim 
55, wherein the information of the transmission 

20 destination for transmitting said predetermined result is 
personal identification infonnation for unambiguously 
identifying said user in the network with the related 
first communication apparatus connected thereto . 

61 . An authentication apparatus for authenticating 
25 a transaction performed between at least two parties via 
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a network, 

said authentication apparatus comprising: 

a first receiving means for receiving a first 
request including personal key information of a first 
5 transactor and information indicating a transaction 
content from said first transactor, 

a first authenticating means for authenticating 
a legitimacy of said first transactor based on said 
personal key information included in said first request 
10 and generating first authentication information, 

a first transmitting means for transmitting a 
second reqpiest including information obtained by deleting 
the personal key information of said first transactor 
from said first request and including said first 
15 authentication information to a second transactor, 

a second receiving means for * receiving a reply 
with respect to said second request from said second 
transactor , 

a second authenticating means for 
20 authenticating a legitimacy of said second transactor and 
generating second authentication information , 

a second transmitting means for transmitting 
said second authentication information to said first 
transactor , 

2 5 an identification information issuing means for 
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issuing transaction identification information when 
receiving said first request, and 

a log managing means for managing a log of the 
reception of said first reopiest, transmission of said 
5 second request, and the reception of said reply by using 
said transaction identification information. 

62 . An authentication apparatus as set forth in 
claim 61, wherein said transaction log managing means 
generates log information for each of the reception of 

10 said first request, transmission of said second request, 
and reception of said reply and stores the related log 
information relating to said transaction identification 
information . 

63 . An authentication apparatus as set forth in 
15 claim 61, wherein said transmitting means transmits a 

second request further including said transaction 
identification information to said second transactor. 

64 . An authentication apparatus as set forth in 
claim 63, wherein said second authenticating means 

20 authenticates the legitimacy of said reply based on said 
transaction identification information included in said 
reply and said log managed by said transaction log 
managing means . 

65 . An authentication apparatus as set forth in 
25 claim 61, 
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further comprising an account processing means 
for performing the account processing concerned in said 
transaction , and 

wherein 

5 said transaction log managing means stores log 

information indicating that the account processing is 
terminated in correspondence with said transaction 
identification information after the end of said account 
processing . 

10 66. An authentication apparatus as set forth in 

claim 61 , wherein the personal key information of said 
first transactor is information relating to the charging 
of said first transactor. 

67 . An authentication system for authenticating a 

15 transaction performed between at least two parties via a 
network, 

said authentication system comprising 
a first communication apparatus used by a first 
transactor , 

20 a second communication apparatus used by a 

second transactor, and 

an authentication apparatus for authenticating 
said transaction, wherein 

said authentication apparatus comprises : 
25 a first receiving means for receiving a first 
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request including personal key information of said first 
transactor and including an information indicating the 
transaction content from said first transactor, 

a first authenticating means for authenticating 
5 a legitimacy of said first transactor based on said 

personal key information included in said first request 
and generating first authentication information, 

a first transmitting means for transmitting a 
second request including information obtained by deleting 
10 the personal key information of said first transactor 
from said first request and including said first 
authentication information to said second transactor, 

a second receiving means for receiving a reply 
with respect to said second request from said second 
15 transactor, 

a second authenticating means for 
authenticating a legitimacy of said second transactor in 
accordance with said reply and generating second 
authentication information, 
20 a second transmitting means for transmitting 

said second authentication information to said first 
transactor , 

a transaction identification information 
issuing means for issuing transaction identification 
2 5 information when receiving said first request, and 
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a transaction log managing means for managing a 
log of the reception of said first request, transmission 
of said second request, and the reception of said reply 
by using said transaction identification information. 
5 68 . An authentication method for authenticating a 

transaction performed between at least two parties via a 
network , 

said authentication method comprising the steps 

of: 

10 receiving a first request including personal 

key information of a first transactor and including 
information indicating a transaction content from said 
first transactor, 

issuing transaction identification information 

15 in accordance with the related reception, 

authenticating a legitimacy <?f said first 
transactor based on said personal key information 
included in said first request and generating first 
authentication information , 

20 transmitting a second request including 

inf oinnation obtained by deleting the personal key 
information of said first transactor from said first 
request and including said first authentication 
inf oinnation to said second transactor, 

2 5 receiving a reply with respect to said second 



request from said second transactor, 

authenticating a legitimacy of said second 
transactor in accordance with said reply and generating 
second authentication information, 
5 transmitting said second authentication 

information to said first transactor, and 

managing a log of the reception of said first 
request, transmission of said second request, and the 
reception of said reply by using said transaction log 
10 information. 

69 . A communication control apparatus for 
controlling communication processing carried out in a 
second communication apparatus on a network in response 
to a reqpiest from one or more first communication 
15 apparatuses, 

said communication control apparatus 
comprising : 

a storage means for storing apparatus 
identification information for identifying said first 
20 communication apparatus, 

a transmitting means for transmitting a request 
including said apparatus identification information 
corresponding to the related first communication 
apparatus to said second communication apparatus in 
2 5 response to the request from said first communication 
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apparatus , 

a receiving means for receiving a reply 
including the apparatus identification information for 
identifying the transmitting apparatus of said request 
5 from said second communication apparatus , and 

a controlling means for deciding if said 
request corresponding to said received reply is by a 
legitimate first communication apparatus whose apparatus 
identification information is stored in said storage 

10 means based on whether or not said apparatus 

identification information included in said reply and 
said apparatus identification information stored in said 
storage means coincide. 

70. A communication control apparatus as set forth 

15 in claim 69, wherein said controlling means sends a 

predetermined notification to said secpnd communication 
apparatus when said apparatus identification information 
included in said reply and said apparatus identification 
information stored in said storage means do not coincide . 

20 71. A communication control apparatus as set forth 

in claim 69, wherein said controlling means sends a 
predetermined notification to an apparatus of the 
destination of a transaction where the result of 
processing included in said reply is used when said 

2 5 apparatus identification information included in said 



- 38 - 



reply and said apparatus identification information 
stored in said storage means do not coincide. 

72 . A communication control apparatus as set forth, 
in claim 69, wherein said transmitting means transmits 

5 said request including personal identification 

information received from said first communication 
apparatus and including said apparatus identification 
information corresponding to the related first 
communication apparatus to said second communication 
10 apparatus. 

73 . A communication control apparatus as set forth 
in claim 69, wherein said storage means stores said 
apparatus identification information received from said 
first communication apparatus . 

15 74. A communication control apparatus as set forth 

in claim 73, wherein said storage means stores said 
apparatus identification information received from said 
first communication apparatus when a power of the related 
communication control apparatus is turned on . 

20 75 . A communication control apparatus as set forth 

in claim 69, wherein said controlling means writes a 
communication log between said first communication 
apparatus and said second communication apparatus in said 
storage means . 

25 76. A communication control apparatus as set forth 
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in claim 69, wherein said controlling means transmits the 
processing result of said second communication apparatus 
included in said reply to said first communication 
apparatus of the transmission destination of said 
5 reqiiest. 

77 . A communication control apparatus as set forth 
in claim 69, wherein said controlling means controls the 
communication so that said first communication apparatus 
in a stand-by state enters an operating state in 

10 accordance with the information received from said 
receiving means . 

78. A communication control apparatus as set forth 
in claim 69, wherein said controlling means controls the 
communication between a network to which said first 

15 communication apparatus is connected and a network to 

which said second communication apparatus is connected. 

79. A communication control apparatus as set forth 
in claim 69, wherein said controlling means performs 
processing as a gateway. 

20 80. A communication control apparatus as set forth 

in claim 69, wherein said apparatus identification 
information is an identifier that can unambiguously 
identify the related communication apparatus assigned by 
the manufacturer of said first communication apparatus . 

25 81. A communication control apparatus as set forth 
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in claim 69, wherein said personal identification 
information is an identifier assigned to a registered 
user in advance . 

82 . A communication control apparatus as set forth 
5 in claim 69, wherein sai<i receiving means receives said 

reply including the result of authentication processing 
performed by said second communication apparatus from 
said second communication apparatus . 

83 . A communication system for controlling at a 

10 communication control apparatus communication relating to 
processing carried out at a second communication 
apparatus on a network in response to a request from one 
or more first communication apparatuses , wherein 

said communication control apparatus comprises: 

15 a first storage means for storing apparatus 

identification information for identifying said first 
communication apparatus , 

a first transmitting means for transmitting a 
request including said apparatus identification 

20 information corresponding to the related first 
communication apparatus and including personal 
identification information to said second communication 
apparatus in response to the request from said first 
communication apparatus , 

25 a first receiving means for receiving a reply 
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including the apparatus identification information for 
identifying the transmitting apparatus of said request 
from said second communication apparatus , and 

a controlling means for deciding if said 
5 request corresponding to ' said received reply is by a 

legitimate first communication apparatus whose apparatus 
identification information is stored in said first 
storage means based on whether or not said apparatus 
identification information included in said reply and 
10 said apparatus identification infoarmation stored in said 
first storage means coincide and wherein 

said second communication apparatus comprises : 
a second receiving means for receiving said 

request, 

15 a second storage means for storing said 

request, 

a second storage means for storing said 
personal identification information and information of a 
transmission destination for transmitting a processing 
20 result in correspondence, 

a processing means for performing predetermined 
processing in response to said request, and 

a second transmitting means for reading the 
information of said transmission destination 
25 corresponding to said personal identification information 
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included in said request from said second storage means 
and transmitting the result of said processing and said 
apparatus identification information included in said 
request in correspondence to the transmission destination 
5 specified by the related read transmission destination 
information . 

84 . A communication method for controlling at the 
communication control apparatus communication relating to 
processing carried out at a second communication 
10 apparatus on a network in response to a request from one 
or more first communication apparatuses, 

said communication method comprising the steps 

of: 

transmitting a request including apparatus 
15 identification information corresponding to the related 
first communication apparatus and inclvding personal 
identification information from said communication 
control apparatus to said second communication apparatus 
in response to the request issued from said first 
20 communication apparatus to said communication control 
apparatus , 

having said second communication apparatus 
perform predetermined processing in response to said 
received request, 
2 5 having said second communication apparatus 
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transmit a reply including the result of said processing 
and including said apparatus identification information 
included in said request to said communication control 
apparatus based on the information of the transmission 
5 destination corresponding to said personal identification 
information included in said request, and 

having said communication control apparatus 
decide if said request corresponding to said received 
reply is by a legitimate first communication apparatus 
10 based on whether or not said apparatus identification 
information included in said received reply and said 
apparatus identification information of said first 
communication apparatus held in advance coincide . 

85 . A communication method as set forth in claim 
15 84, wherein said communication control apparatus sends a 

predetermined notification to said second communication 
apparatus when said apparatus identification information 
included in said received reply and said apparatus 
identification information of said first communication 
20 apparatus held in advance do not coincide. 

86. An authentication apparatus for performing 
authentication processing in response to an 
authentication request, 

said authentication apparatus comprising: 
2 5 a receiving means for receiving said 
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authentication request including personal identification 
information for identifying a user and including 
apparatus identification information for identifying a 
transmitting apparatus of said authentication request, 
5 a storage means for storing said personal 

identification information and the information of the 
transmission destination for transmitting an 
authentication result in correspondence, 

an authentication processing means for 

10 performing authentication processing in response to said 
authentication request, and 

a transmitting means for reading the 
information of said transmission destination 
corresponding to said personal identification information 

15 included in said authentication request from said storage 
means and transmitting the result of said authentication 
processing and said apparatus identification information 
included in said authentication request in correspondence 
to the transmission destination specified by the related 

20 read transmission destination information. 

87 . An authentication apparatus as set forth in 
claim 86, wherein 

said receiving means receives said 
authentication request including encrypted personal 

2 5 identification information and apparatus identification 
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information, and 

said authentication apparatus further comprises 
a decrypting means for decrypting said personal 
identification information and said apparatus 
5 identification information included in said received 
authentication request. 

88 . An authentication apparatus as set forth in 
claim 86, wherein said receiving means receives said 
authentication request further including third 

10 identification information used for the charge processing 
relating to said user . 

89. An authentication apparatus as set forth in 
claim 86, wherein said personal identification 
information is an identifier assigned to a registered 

15 user in advance. 

90 . An authentication apparatus as set forth in 
claim 86, wherein said apparatus identification 
information is an identifier capable of unambiguously 
identifying the related apparatus assigned by the 

20 manufacturer of said apparatus. 

91 . An authentication apparatus for performing 
authentication processing relating to a transaction 
performed via a network, 

said authentication apparatus comprising: 
2 5 a receiving means for receiving an 
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authentication request by a user engaging in a 
transaction including personal identification information 
for identifying the user, transaction information 
indicating content of the transaction, and apparatus 
5 identification information for identifying a transmitting 
apparatus of said authentication request, 

a storage means for storing said personal 
identification information and infomnation of a 
transmission destination for transmitting the 

10 authentication result in correspondence, 

an authentication processing means for 
transmitting said transaction information included in 
said received authentication request to an apparatus of 
the user designated by said authentication request and 

15 performing predetermined authentication processing in 

accordance with a reply from the apparatus of the related 
designated user, and 

a transmitting means for reading the 
information of said transmission destination 

2 0 corresponding to said personal identification information 
included in said authentication request from said storage 
means and transmitting the result of said authentication 
processing and said apparatus identification information 
included in said authentication request in correspondence 

2 5 to the transmission destination specified by the related 
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read transmission destination information. 

92 . An authentication apparatus as set forth in 
claim 91, wherein said authentication processing means 
attaches signature information indicating the 

5 authentication result of the related authentication 

apparatus to said transaction information and transmits 
the same to the apparatus of said designated user and 
generates signature information of the related 
authentication apparatus of the result of said 
10 authentication processing in accordance with the reply 
from said designated user. 

93 . An authentication apparatus as set forth in 
claim 91 , wherein said storage means stores log 
information of transactions between the user issuing said 

15 authentication request and said designated user. 

94 . An authentication apparatus ^s set forth in 
claim 91 , wherein 

said receiving means receives said 
authentication request including encrypted personal 
20 identification information and apparatus identification 
information, and 

said authentication apparatus further comprises 
a decrypting means for decrypting said personal 
identification information and said apparatus 
2 5 identification information included in said received 
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authentication request. 

95 . An authentication apparatus as set forth in 
claim 91/ wherein said receiving means receives said 
authentication request further including third 

5 identification information used for the charge processing 
relating to said user. 

96. An authentication apparatus as set forth in 
claim 91, further comprising a charge processing means 
for performing charge processing for the authentication 

10 relating to said transaction. 

97 . A processing apparatus for requesting 
authentication relating to a transaction performed via a 
network , 

said processing apparatus comprising: 
15 a transmitting means for transmitting said 

authentication request including persoiiial identification 
information for identifying a user and apparatus 
identification information for identifying a related 
processing apparatus, 
20 a receiving means for receiving an 

authentication reply including identification information 
for identifying a transmitting apparatus of the 
authentication request, and 

a controlling means for deciding whether or not 
25 said personal identification information and the 



- 49 - 



identification information included in said 
authentication reply coincide. 

98 . A processing apparatus as set forth in claim 
97 , wherein said controlling means sends a predetermined 
5 notification to the transmitting side of said 

authentication reply when deciding that said apparatus 
identification information and the identification 
infoirmation included in said authentication reply do not 
coincide . 

10 99. A processing apparatus as set forth in claim 

97 , wherein said controlling means sends a predetermined 
notification to the apparatus of the destination of 
transaction where the result of the related 
authentication included in said authentication reply is 

15 used when deciding that said apparatus identification 

information and the identification information included 
in said authentication response do not coincide . 

100. An authentication system comprising a 
processing apparatus and an authentication apparatus 

20 connected via a network, wherein 

said authentication apparatus comprises : 
a receiving means for receiving an 
authentication request including personal identification 
information for identifying a user and apparatus 

25 identification information for identifying a transmitting 
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apparatus of said authentication request, 

a storage means for storing said personal 
identification information and information of a 
transmission destination for transmitting the 
5 authentication result in correspondence , 

an authentication processing means for 
performing authentication processing in response to said 
authentication request, and 

a transmitting means for reading the 

10 information of said transmission destination 

corresponding to said personal identification information 
included in said authentication request from said storage 
means and transmitting an authentication reply including 
the result of said authentication processing and said 

15 apparatus identification infoinnation included in said 
authentication request to the transmission destination 
specified by the related read transmission destination 
information and wherein 

said processing apparatus comprises: 

20 a transmitting means for transmitting said 

authentication request including said personal 
identification information and said apparatus 
identification information for identifying the related 
processing apparatus, 

25 a receiving means for receiving said 
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authentication reply, and 

a controlling means for deciding whether or not 
said apparatus identification information of the related 
processing apparatus and said apparatus identification 
5 information included in said authentication reply 
coincide . 

101. An authentication method using a processing 
apparatus and an authentication apparatus connected via a 
network , 

10 said authentication method comprising the steps 

of: 

transmitting an authentication request 
including personal identification information for 
identifying a user and apparatus identification 
15 information for identifying a related processing 
apparatus from said processing apparatus to said 
authentication apparatus , 

performing authentication processing in 
response to said authentication request at said 
20 authentication apparatus, 

transmitting an authentication reply including 
the result of said authentication processing and said 
apparatus identification information included in said 
authentication request to said processing apparatus 
2 5 specified by the information of said transmission 
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destination corresponding to said personal identification 
information included in said authentication request from 
said authentication apparatus, and 

having said processing apparatus decide whether 
5 or not said apparatus identification information included 
in said authentication reply received from said 
authentication apparatus, said apparatus identification 
information of the related processing apparatus, and said 
apparatus identification infoinnation included in said 
10 authentication reply coincide. 

102 . An authentication method as set forth in claim 
101 , wherein said processing apparatus sends a 
predetermined notification to said authentication 
apparatus when deciding that the identification 

15 information included in said authentication reply does 
not coincide . 

103. An authentication method as set forth in claim 
101, wherein said processing apparatus sends a 
predetermined notification to the apparatus of the 

20 destination of transaction where the result of said 

authentication included in said authentication reply is 
used when deciding that the identification information 
included in said authentication reply does not coincide. 

104. An information storage method comprising of the 
25 steps of 
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dividing predeteirmined information into a 
plurality of modules each independently maintaining 
confidentiality of the predetermined information and 

storing said plurality of modules on storage 
5 media different from each other or in different regions 
of an identical storage medium. 

105 . An information restoration method comprising 
the steps of: 

reading modules from a plurality of storage 
10 media or different regions of an identical storage medium 
when a plurality of modules each independently 
maintaining confidentiality of the predetermined 
information are stored on a plurality of storage media 
different from each other or in different regions of an 
15 identical storage medxTom and 

combining the related read mpdules to restore 
said predetermined information . 

106. An information restoration method as set forth 
in claim 105, wherein the plurality of storage media 

20 different from each other and with said plurality of 
modules stored therein are storage media physically 
independent from each other . 

107 . An information restoration method as set forth 
in claim 105, wherein said read modules are combined and 

25 then decrypted to restore said predetermined information. 
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108 . An ±nf oinnation storage device comprising 

an information dividing means for dividing said 
predetermined information into a plurality of modules 
each independently maintaining the confidentiality of the 
predetermined information and 

a writing means for writing said plurality of 
modules on storage media different from each other or in 
different regions of an identical storage medium. 

109. An information storage device as set forth in 
claim 108 , wherein said plurality of storage media 
different from each other on which the plurality of 
modules are stored are storage media physically 
independent from each other . 

110 . An information storage device as set forth in 
claim 108, wherein 

said device further comprises an encrypting 
means for encrypting said predetermined information and 

said information dividing means divides the 
information obtained by the encryption into said 
plurality of modules each independently maintaining the 
confidentiality of the predetermined information. 

111. An information storage device as set forth in 
claim 108, wherein 

said device further comprises an encrypting 
means for encrypting said plurality of modules and 



- 55 - 



said writing means writes the plurality of 
modules obtained by the encryption in storage media 
different from each other or in different regions of an 
identical storage medium. 
5 112 . An information restoration device comprising 

a reading means for reading modules from a 
plurality of storage media or different regions of an 
identical storage medium when a plurality of modules each 
independently maintaining the confidentiality of the 
10 predetermined information are stored on a plurality of 
storage media different from each other or in the 
different regions of the identical storage medium and 

an information combining means for combining 
the related read modules to restore said predetermined 
15 information. 

113 . An information restoration device as set forth 
in claim 112 , wherein said plurality of storage media 
different from each other on which the plurality of 
modules are stored are storage media physically 

20 independent from each other. 

114 . An information restoration device as set forth 
in claim 112 , further comprising a decrypting means for 
decrypting the information obtained by combining the 
modules . 

2 5 115. An information restoration device as set forth 
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in claim 112 , wherein 

said device further comprises a decrypting 
means for decrypting said read modules and 

said information combining means combines said 
decrypted modules to restore said predetermined 
information . 

116. A computer readable storage meditim storing one 
module among a plurality of modules when predetermined 
information is divided into a plurality of modules each 
independently maintaining the confidentiality of the 
predetermined information . 
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1 . An authentication apparatus for authenticating 
a transaction performed between at least two parties via 
a network, 

5 said authentication apparatus comprising : 

a first receiving means for receiving a first 
request including personal key information of a first 
transactor and information indicating a transaction 
content from said first transactor, 
10 a first authenticating means for authenticating 

a legitimacy of said first transactor based on said 
personal key information included in said first request 
and generating first authentication information, 

a first transmitting means for transmitting a 
15 second request including information obtained by deleting 
the personal key infoarmation of said first transactor 
from said first request and said first authentication 
information to said second transactor, 

a second receiving means for receiving a reply 
20 with respect to said second request from said second 
transactor , 

a second authenticating means for 
authenticating the legitimacy of said second transactor 
and generating second authentication information in 
2 5 accordance with said reply, and 



a second transmitting means for transmitting 
said second authentication information to said first 
transactor . 

2- : An authentication ap p aratus as s e t forth in 

5 claim 1 , — wh e rein said pe rsonal key information o f said 
fi r st t r ansactor is inf o rmation relating to the char g ing 
o f said first transactor. 

3- : All ' authentication ap p aratus — ^ts — s e t foa r th — im 

claim 1 , — further c o mprisin g a storage means for st or ing 

10 lo g informati o n indicating a l o g of said transacti o n. — 
4 . An authentication system for authenticating a 
transaction performed between at least two parties via a 
network , 

said authentication system comprising: 
15 a first communication apparatus used by a first 

transactor , 

a second communication apparatus used by a 
second transactor , and 

an authentication apparatus for authenticating 
20 said transaction, 
wherein 

said authentication apparatus comprises 
a first receiving means for receiving a first 
request including personal key information of the first 
2 5 transactor and information indicating transaction content 
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from said first transactor, 

a first authenticating means for authenticating 
a legitimacy of said first transactor based on said 
personal key information included in said first request 
5 and generating first authentication information, 

a first transmitting means for transmitting a 
second request including information obtained by deleting 
the personal p key information of said first transactor 
from said first request and said first authentication 
10 information to said second transactor, 

a second receiving means for receiving a reply 
with respect to said second request from said second 
transactor , 

a second authenticating means for 
15 authenticating the legitimacy of said second transactor 
and generating second authentication information in 
accordance with said reply, and 

a second transmitting means for transmitting 
the second authentication information indicating the 
20 legitimacy of said transaction to said first transactor. 

5 . An authentication method for authenticating a 
transaction performed between at least two parties via a 
network , 

said authentication method comprising the steps 

25 of: 



receiving a first request including personal 
key information of a first transactor and. information 
indicating transaction content from said first 
transactor , 

5 authenticating a legitimacy of said first 

transactor based on said personal key information 
included in said first request and generating first 
authentication information, 

transmitting a second request including 
10 information obtained by deleting the personal key 

information of said first transactor from said first 
request and said first authentication information to said 
second transactor, 

receiving a reply with respect to said second 
15 request from said second transactor, 

authenticating a legitimacy of said second 
transactor in accordance with said reply and generating 
second authentication information, and 

transmitting said second authentication 
20 information to said first transactor. 

6-^ An authentication method as set fo r th in claim 

5, wh e r e in said transaction is settled using the pers o nal 
k e y information o f said first transactor . — 

7 . An authentication apparatus for authenticating 
2 5 a transaction performed between at least two parties via 
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a network , 

said authentication apparatus comprising: 

a first receiving means for receiving a first 
request including personal identification information of 
5 a first transactor and information indicating transaction 
content from said first transactor, 

a first authenticating means for authenticating 
a legitimacy , of said first transactor and generating a 
first authentication information in response to said 
10 first request, 

a first transmitting means for transmitting a 
second request including said first authentication 
information and information indicating content of said 
transaction to a second transactor, 
15 a second receiving means for receiving a reply 

with respect to said second request from said second 
transactor , 

a second authenticating means for 
authenticating a legitimacy of said second transactor in 
20 accordance with said reply and generating second 
authentication information, and 

a second transmitting means for transmitting 
said second authentication information to said first 
transactor . 

25 8. An authentication apparatus as set forth in 



claim 7 , wherein 

said first receiving means receives said first 
request further including the personal key information of 
said first transactor, and 
5 said first authenticating means authenticates 

the legitimacy of said first transactor based on said 
personal key information . 

9. An ^ authentication apparatus as set forth in 
claim 8 , wherein said personal key information of said 

10 first transactor is information relating to the charging 
of said first transactor. 

10. An authentication apparatus as set forth in 
claim 9, wherein said first transmitting means transmits 
the second request further including said personal key 

15 information of said first transactor to said second 
transactor . 

a-. An authenticati o n ap p aratus as set forth in 

claim 7 , — furth e r c o m p rising a st o ra g e means f o r storing 
l og information indicating a log of said transaction . 
20 12. An authentication apparatus as set forth in 

claim 7 , further comprising a decrypting means for 
decrypting said received first request when said first 
request is encrypted. 

13. An authentication apparatus as set forth in 
25 claim 7, further comprising an encrypting means for 
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encrypting said second request. 

14. An authentication apparatus as set forth in 
claim 7 , further comprising a decrypting means for 
decrypting said received reply when said reply is 

5 encrypted . 

15 . An authentication apparatus as set forth in 
claim 7 , further comprising an encrypting means for 
encrypting said second authentication inf oirmation . 

16. An authentication system for authenticating a 
10 transaction performed between at least two parties via a 

network , 

said authentication system comprising: 
a first communication apparatus used by a first 
transactor , 

15 a second communication apparatus used by a 

second transactor, and 

an authentication apparatus for authenticating 
said transaction, 

wherein 

20 said first communication apparatus transmits a 

first request including personal identification 
information of the first transactor and information 
indicating the transaction content to said authentication 
apparatus , and 

2 5 said authentication apparatus comprises: 



a first receiving means for receiving said 
first request from said first transactor, 

a first authenticating means for authenticating 
a legitimacy of said first transactor and generating 
5 first authentication information in response to said 
first request, 

a first transmitting means for transmitting a 
second request including said first authentication 
information and the content of said transaction to said 
10 second transactor, 

a second receiving means for receiving a reply 
with respect to said second request from said second 
transactor, 

a second authenticating means for 
15 authenticating a legitimacy of said second transactor and 
generating second authentication information in response 
to said reply, and 

a second transmitting means for transmitting 
said second authentication information to said first 
20 transactor. 

^r?-; An authenticati o n system as set f o rth i n claim 

l-frT — wherein 

baid first receivin g means r e c e ives said first 

re q uesL further includin g p e rsonal key inf ormation of 
2 5 said first transactor and 



said first authenticatin g means — autlnenticates 

th e legitimacy of said fi r st transactor based on said 
p ersonal key informati o n . — 

iO-. An authentication syst e m as set fo r th in claim 

5 i-?-^ — wherein — said p ersonal k e y information of — said first 
transactor is information relating to char g in g o f said 
first transactor. 

19. An , authentication method for authenticating a 
transaction performed between at least two parties via a 
10 network, 

said authentication method comprising the steps 

of: 

receiving a first request including personal 
identification information of a first transactor and 
15 information indicating transaction content from said 
first transactor, 

authenticating a legitimacy of said first 
transactor and generating first authentication 
information in response to said first request, 
2 0 transmitting a second request including said 

first authentication information and the content of said 
transaction to a second transactor, 

receiving a reply with respect to said second 
request from said second transactor, 
2 5 authenticating a legitimacy of said second 
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transactor in accordance with said reply and generating 
second authentication inf oarmation, and 

transmitting said second authentication 
information to said first transactor. 

2^. An auth e ntication method as set forth in claim 

^9-, — furth er c o m p risin g th e st ep s of: 

r eceivin g said first request fu r th e r including 

personal k e y > inf o rmati o n o f said first t r ansactor and 

authenticating the le g itimacy of said first 

transact o r based o n — said pers o nal key informati o n . — 

2r5r-. An auth e ntication m e thod as set forth in claim 

2^-; — wher e in said personal key information of said first 
transact o r is information relating t o char g in g of said 
first transactor . 

22-: An auth e ntication method as s e t forth in claim 

21- ; — furth e r comprising th e step o f sendin g a second 
req uest further includin g said p e rsonal key information 
o f said first transa c t o r t o said second transactor . — 

An authentication method as s e t forth in e - laim 

22- ; — wherein said s e c o nd transactor performs accounting 
usin g the p ers o nal k e y information of said first 



transactor . — 

24 . An authentication apparatus holding information 
relating to a first transactor and authenticating a 
transaction between said first transactor and a second 



transactor performed via a network while communicating 
with another authentication apparatus holding information 
relating to said second transactor, 

said authentication apparatus comprising: 
5 a transmitting and receiving means for 

transmitting a second request including information 
specifying said second transactor in response to a first 
request from, said first transactor including information 
indicating said transaction content and information 

10 specifying said second transactor to said second 

authentication apparatus , receiving first signature 
information indicating an authentication result by said 
second authentication apparatus in response to said 
second request, transmitting a third request including 

15 information relating to said transaction content included 
in said first request and said first signature 
information to an apparatus used by said second 
transactor, and receiving a predetermined reply from an 
apparatus used by said second transactor in response to 

2 0 the related third request, 

a storage means for storing a log of said 
transaction when receiving said predetermined reply, and 

a signature producing means for producing 
second signature information to be transmitted to the 

25 apparatus used by said first transactor via said 



transmitting and receiving means when receiving said 
predetermined reply and indicating the authentication 
result of the legitimacy of said transaction. 

25. An authentication apparatus as set forth in 
5 claim 24, further comprising an encrypting means, and 
wherein 

said transmitting and receiving means receives 
an encryption, key used for the communication with said 
second transactor from said other authentication 

10 apparatus in response to said second request and 

transmits the information relating to said transaction 
content encrypted by using said encryption key at said 
encrypting means and said first signature information to 
the apparatus used by said second transactor . 

15 26. An authentication apparatus as set forth in 

claim 24, wherein 

said transmitting and receiving means receives 
said predetermined reply including the identification 
information used for identifying said second transactor 

20 by said other authentication apparatus from the apparatus 
used by said second transactor, and 

said storage means stores a log of said 
transactions generated by using said identification 
information . 

25 27 . An authentication apparatus as set forth in 
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claim 24, wherein said transmitting and receiving means 
transmits the third request including information other 
than the information relating to the charging of said 
first transactor in the information relating to said 
5 transaction content included in said first request and 

said first signature information to the apparatus used by 
said second transactor . 

28. An » authentication apparatus as set forth in 
claim 24, wherein said transmitting and receiving means 

10 transmits the third request including the information 
relating to said transaction content included in said 
first request, said first signature information, and the 
encryption key used for the communication with the 
related authentication apparatus to the apparatus used by 

15 said second transactor. 

29. An authentication apparatus as set forth in 
claim 24, further comprising a charge processing means 
for the charge processing for the authentication relating 
to said transaction . 

20 30. An authentication apparatus as set forth in 

claim 24, wherein said charge processing means performs 
processing for determining a rate of the charge for the 
authentication relating to said transaction with said 
other authentication apparatus . 

25 31. An authentication apparatus as set forth in 



claim 24, wherein said transmitting and receiving means 
receives said predetermined reply from the apparatus used 
by said second transactor when said second, transactor 
confirms the legitimacy of said first signature 
5 inf o2~niation and agrees to the related transaction . 

32 . An authentication apparatus as set forth in 
claim 24, wherein said receiving means sends said second 
signature information to the apparatus used by said 
second transactor . 
10 33 . An authentication system for authenticating a 

transaction performed between at least two parties via a 
network, 

said authentication system comprising: 
a first authentication apparatus for 
15 authenticating a transaction relating to a first 
transactor and 

a second authentication apparatus for 
authenticating a transaction relating to a second 
transactor , 
2 0 wherein 

said first authentication apparatus transmits a 
second request including information specifying said 
second transactor to said second authentication apparatus 
in response to a first request by said first transactor 
2 5 including information indicating said transaction content 



and information specifying said second transactor, 
receives first signature information from said second 
authentication apparatus in response to said second 
request, transmits a third request including information 
5 relating to said transaction content included in said 

first request and said first signature information to the 
apparatus used by said second transactor, stores a log of 
said transaction when receiving a predetermined reply 
from said second transactor in response to the related 

10 third request, and provides second signature information 
for authenticating a legitimacy of said transaction to 
said first transactor. 

An auth e nticati o n system as s e t forth in claim 

36-^ — further c o mprisin g an encrypting m e ans , — and 

15 wherein 

said transmittin g and receiving m e ans receiv e s 

an e ncry p ti o n key used for c o mmunication with said sec o nd 
transactor from said second authentication a p paratus in 
res po nse to said s e c o nd r equest and transmits information 

20 relatin g — bo said transacti o n content encry p ted by usin g 
said encryption k e y at said encryptin g m e ans and said 
first signature inf o rmation to the apparatus used by said 
second transact o r . 

35-: An authentication system as set forth in claim 

2 5 36^;^ — wh e rein 
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said - bransmitting receivin g means o f said first 

auth e nticati o n apparatias r e ceives said predet e rmined 
reply including identifi c ati o n information fo r use by - 
said s e c o nd auth e nticati o n a p paratus for identifyin g said 
5 s e cond transactor from said sec o nd transact o r and 

said stora g e m e ans stor e s said transacti o n l o g 

g enerated usin g said identificati o n information. — 

3-6-: An > auth e nticati o n system as set f o rth in claim 

SB-, — w h e rein said first authentication apparatus p rovides 
10 said sec o nd si g nature information to said s e cond 
transactor . — 

37 . An authentication method for authenticating a 
transaction between a first transactor and a second 
transactor performed via a network by using a first 
15 authentication apparatus for authenticating a transaction 
relating to the first transactor and a second 
authentication apparatus for authenticating a transaction 
relating to the second transactor, 

said authentication method comprising the steps 

20 of: 

issuing a first request including information 
indicating said transaction content and inf oinnation 
specifying said second transactor from said first 
transactor to said first authentication apparatus, 
2 5 transmitting a second request including the 
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information specifying said second transactor from said 
first authentication apparatus to said second 
authentication apparatus in response to said first 
request, 

5 transmitting first signature information 

indicating the authentication result by the related 
second authentication apparatus to said first 
authentication apparatus from said second authentication 
apparatus in response to said second request, 

10 transmitting a third request including the 

information relating to said transaction content included 
in said first request and said first signature 
information from said first authentication apparatus to 
an apparatus used by said second transactor, 

15 issuing a predetermined reply from the 

apparatus used by said second transactor to said first 
authentication apparatus in response to the related third 
request and, 

in accordance with said predetermined reply, 

20 storing a log of said transaction, producing second 
signature information indicating the authentication 
result of the legitimacy of said transaction, and 
transmitting the related second signature information to 
the apparatus used by said first transactor by said first 

2 5 authentication apparatus. 



38 . An authentication method as set forth in claim 
37, further comprising the steps of: 

sending an encryption key for use in 
communication with said second transactor from said 
5 second authentication apparatus to said first 

authentication apparatus in accordance with said second 
request and 

having said first authentication apparatus 
encrypt said information relating to transaction content 
10 and said first signature information using said 

encr^tion key, then send them to the apparatus used by 
said second transactor . 

39. An authentication method as set forth in claim 
37, further comprising the steps of having said first 

15 authentication apparatus receive said predetermined reply 
including identification information for use by said 
second authentication apparatus in identifying said 
second transactor from the apparatus used by said second 
transactor and store a log of said transaction generated 

20 using said identification information. 

40 . An authentication method as set forth in claim 
37 , further comprising the steps of sending a third 
request including information other than the information 
relating to the charging of said first transactor in the 

25 information relating to said transaction content included 



in said first request and said first signature 
information from the first authentication apparatus to 
the apparatus used by said second transactor . 

41. An authentication method as set forth in claim 
5 37 , further comprising the steps of sending a third 

request including information relating to the charging of 
said first transactor included in said first request, 
said first signature information, and an encryption key 
for use in communication with said authentication 

10 apparatus from the first authentication apparatus to the 
apparatus used by said second transactor . 

An auth e ntication m e th o d as set forth in claim 

"51-, — further comprisin g the st e ps of p erforming pr o cessin g 
for det e rminin g a rate of chargin g f o r authentication 

15 r e latin g to said transaction between said first 

authenticati o n a p paratus and said second authenti c ation 
ap p aratus . — 

An authenticati o n method as s e t forth in claim 

— further c o m p risin g the steps of sendin g said 
20 pr e determined re p ly from th e a pp aratus used by said 

second transactor to said first auth e nti c ati o n ap p aratus 
wh e n said sec o nd transactor confirms the le g itimacy of 
said first si g nature — information and agre e s — to — the 
related transacti o n . 
25 44-; An authentication method as set f o rth in claim 
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39-^ — further c o mprising the steps of s e nding said sec o nd 
si g nature informati o n from said first authentication 
a pp aratus — to th e a pp aratus us e d by said second 
transactor . 

5 45 . An authentication method for authenticating a 

transaction between a first transactor and a second 
transactor performed via a network by using a first 
authentication apparatus for authenticating a transaction 
relating to the first transactor and a second 
10 authentication apparatus for authenticating a transaction 
relating to the second transactor, 

said authentication method comprising the steps 

of: 

issuing a first request including information 
15 indicating said transaction content, personal key 

information of said first transactor, and information 
specifying said second transactor from said first 
transactor to said first authentication apparatus , 
transmitting a second request obtained by 
2 0 deleting said personal key from said first request from 
said first authentication apparatus to said second 
authentication apparatus in response to said first 
request, 

transmitting a third request including 
2 5 information indicating the content of said transaction 
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from said second authentication apparatus to the 
apparatus used by said second transactor in response to 
said second request, 

transmitting a first reply from the apparatus 
5 used by said second transactor to said second 

authentication apparatus in response to said third 
request , 

transmitting a second reply including payment 
method information indicating a payment method to said 
10 second transactor from said second authentication 

apparatus to said first authentication apparatus in 
accordance with said first reply, and 

managing a payment relating to sai d transaction 
between said first transactor and said second transactor 
15 based on said payment method information by said first 
authentication apparatus . 

46. An authentication method as set forth in claim 
45, wherein said first authentication apparatus performs 
processing for receiving a payment from said first 

20 transactor relating to said transaction, processing for 
paying a part of said payment to said second transactor 
in accordance with said transaction, and processing for 
receiving a remainder of said payment as a fee . 

47 . An authentication method as set forth in claim 
25 45, wherein said first authentication apparatus inquires 
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to said second authentication apparatus whether or not 
said second transactor has contracted with said second 
authentication apparatus in response to said first 
request and, when receiving an answer indicating it has 
5 contracted with it from said second authentication 

apparatus, transmits said second request to said second 
authentication apparatus . 

48. An f authentication method as set forth in claim 
45, wherein when receiving said second reply, said first 

10 authentication apparatus transmits a third reply 

including signature information including the result of 
authentication performed by the related first 
authentication apparatus for said transactor to the 
apparatus used by said first transactor. 

15 An authentication meth o d as set f o rth in claim 

4-57 — wher e in said first authentication a p paratus encrypts 
said third reply by usin g a secr e t k e y corres p ondin g t o 



the seme to th e ap p aratus used by said first transactor . 



related 



authenticati o n appar. 



transmits 



20 



se-r 



whe r ein — said first 



a p paratus — transmi ' 



said second request further including the si g nature 



information indicatin g the result of 



■cati o n 



p erf o rmed by — bhe related 



: st authentication apparatus 



25 



f o r said transaction t o 



authenti i 
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apparatus . 

S^-. An auth e ntication meth o d as — set forth — in c laim 

45-; — w h e rein said s e cond authenti c ation apparatus 
transmits said third request furth e r including signatur e 
5 informati o n indicating the result of authentication 

perf o rmed by th e related s e c o nd authenticati o n a p paratus 
sa c ti o n — to — the a pp aratus — used by — said se c ond 



authe nt i -c a tr i -o n — m e th o d as s e t f o rth in c laim 
said first auth e nticati o n ap p aratus e ncry p ts 



said sec o nd r e quest by usin g a secr e t key corr e s p onding 
to th e re lat e d first authenticati o n apparatus and 
transmits the same to said second authentication 
a p pa r atus . 

15 An auth e nticati o n m e thod as — set f o rth in claim 

A5-, — w her e in said s e c o nd authenticati o n a p paratus encry p ts 
said third re q u e st by usin g a s e cret key correspondin g — to 



ond authent 



the ap p aratus used by 



20 S4-. An authenticati o n meth o d as set forth in claim 

45r7 — wherein the apparatus of said sec o nd transactor 
e ncrypts — said first re p ly by usin g a secret key of th e 
r e lated second transactor and transmits — the — same — to — said 
second authentication a pp aratus . 

25 55-: An authentication method as set forth in claim 
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45-7 — wherein said sec o nd auth e ntication a pp aratus e ncry p ts 
said second reply by usin g a secret key c o rres p ondin g to 
the r e lated s e cond authentication a p paratus and transmits 
the sam e to said first auth e nticati o n ap p aratus . — 
5 56. An authentication apparatus holding information 

relating to a first transactor and authenticating a 
transaction between said first transactor and a second 
transactor performed via a network while communicating 
with another authentication apparatus holding information 

10 relating to said second transactor, 

said authentication apparatus comprising: 
a receiving means for receiving a first request 
including information indicating said transaction 
content, personal key information of said first 

15 transactor, and information specifying said second 

transactor from said first transactor and receiving a 
reply including payment method information indicating a 
payment method to said second transactor from said other 
authentication apparatus , 

20 a transmitting means for transmitting a second 

request obtained by deleting said personal key from said 
first request to said other authentication apparatus in 
response to said first request, and 

a charging means for managing a payment 

25 relating to said transaction between said first 
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"transactor and said second transactor based on said 
payment method Information. 

57 . An authentication apparatus as set forth In 
claim 56, wherein said charging means performs processing 
5 for receiving a payment from said first transactor 

relating to said transaction, processing for paying a 
part of said payment to said second transactor in 
accordance with said transaction, and processing for 
receiving a remainder of said payment as a fee . 

10 58. An authentication apparatus as set forth in 

claim 56, wherein said transmitting means inquires to 
said other authentication apparatus whether or not said 
second transactor has contracted with said second 
authentication apparatus in response to said first 

15 request and, when receiving an answer indicating it has 
contracted with it from said other authentication 
apparatus , transmits said second request to said other 
authentication apparatus . 

59. An authentication apparatus as set forth in 

2 0 claim 56, wherein when said receiving means receives said 
second reply, said transmitting means transmits a reply 
Including signature information including the result of 
authentication perfoanned by Itself for said transactor to 
the apparatus used by said first transactor. 

25 60. An authentication apparatus as set forth in 
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claim 59, wherein said transmitting means encrypts said 
reply by using a secret key corresponding to the related 
first authentication apparatus and transmits the same to 
the apparatus used by said first transactor. 
5 61 . An authentication apparatus as set forth in 

claim 56, wherein said transmitting means transmits said 
second request further including the signature 
information indicating the result of authentication 
performed by the related first authentication apparatus 
10 for said transaction to said other authentication 
apparatus . 

62 . An authentication system comprising a first 
authentication apparatus for authenticating a transaction 
relating to a first transactor and a second 
15 authentication apparatus for authenticating a transaction 
relating to a second transactor and authenticating a 
transaction between said first transactor and. said second 
transactor performed via a network, 

said authentication system comprising the steps 

20 of: 

issuing a first request including information 
indicating said transaction content, personal key 
information of said first transactor, and inf oannation 
specifying said second transactor from said first 
25 transactor to said first authentication apparatus. 
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transmitting a second request obtained by 
deleting said personal key from said first request from 
said first authentication apparatus to said second 
authentication apparatus in response to said first 
5 request, 

transmitting a third request including the 
information indicating the content of said transaction 
from said second authentication apparatus to the 
apparatus used by said second transactor in response to 
10 said second request, 

transmitting a first reply from an apparatus 
used by said second transactor to said second 
authentication apparatus in response to said third 
request, 

15 transmitting a second reply including payment 

method information indicating a payment method to said 
second transactor from said second authentication 
apparatus to said first authentication apparatus in 
accordance with said first reply, and 

20 managing a payment relating to said transaction 

between said first transactor and said second transactor 
based on said payment method information by said first 
authentication apparatus . 

-63-: An authenticati o n system as s e t forth in claim 

25 -62-7 — wherein said first auth e nticati o n ap p aratus p e rforms 
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p r o cessing f o r r e ceivin g a p ayment from said first 
transact o r — r elatin g — to said, transaction, — p rocessing for 
payin g a part of said paym e nt to — said s e c o nd transactor 
in accordan ce w ith said transaction, — and p rocessing f o r 
5 rec e ivin g a remaind e r of said payment as a fe e . 

^4-. An auth e ntication system as set forth in claim 

€2-, — wherein said fi r st auth e nticati o n apparatus in q uires 
to said sec o nd authentication ap p a r atus wheth e r or not 
said second transactor has — c o ntracted with — said s e c o nd 

10 auth e ntication a p paratus in resp o nse t o said first 

r eq uest and, — w hen re ce iving an answ e r indi c ating it has 
c o ntracted with it fr o m said s e c o nd authentication 
apparatus , — transmits said second re q uest t o said second 
authenticati o n a p paratus . 

15 ^65-. An authentication syst e m as set forth in claim 

€£"7 — wherein when receivin g said second reply, — said first 
auth e ntication a pp aratus t r ansmits a third r e ply 
includin g signature information includin g the result of 
authentication performed by the r e lat e d first 

20 authentication a p paratus for said transactor t o the 
ap p aratus used by said first transactor. 

•&&-: An authentication system as s e t forth in claim 
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th e same to the a p paratus used by said first transact o r. 

An authenticati o n system as set f o rth in claim 

62-; — wher e in said first authentication ap p aratus transmits 
said s e cond requ e st furthe r including the signature 
5 Informa tion — indicatin g the r e sult o f authenticati o n 

p erf o rmed by — bh e related first auth e ntication a pp aratus 
for said transacti o n t o said sec o nd authenticati o n 
apparatus . , 

An authentication system as set fo r th in claim 

10 62 , wherein said sec o nd authenticati o n- - a pp aratus 

t r ansmits said third r eq uest further includin g signature 
information indicatin g th e r e sult o f auth e ntication 
performed by the relat e d sec o nd authentica t i o n a p pa r atus 
for said transaction to th e appa r atus used by said second 

15 transactor . 

€9-. An authenticati o n system as set forth in claim 

^S-, — wh e r e in said first authentication ap p aratus encrypts 
said second r e q uest by using a secret k e y c o rresp o nding 
to the r e lated first auth e nticati o n apparatus and 

20 transmits the sam e t o said sec o nd authenticati o n 
a pp aratus . 

^^e-; An auth e nticati o n system as set forth in claim 

^Sr-, — wherein said second authentication a pp aratus encrypts 
said third r eq uest by usin g a secr e t key corres p onding to 
25 the r e lated second auth e nticati o n ap p aratus and transmits 
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t he same to the apparatus* used by said second transacto r . 

^Hr-; An authentication system as s e t forth iii claim 

^2-, — wh e rein th e apparatus of said second transactor 
encry p ts said first reply by using a s e cret key of the 
5 related second transact o r and transmits the same to said 
sec o nd authentication a p paratus . 

An authentication system as set f o rth in c laim 

G2, w herein »aid s e c o nd authentication apparatus, encry p ts 
said second reply by usin g a secret key c o rres po nding — to 
10 the related s e cond auth e ntication apparatus a nd transmits 
the saun e t o said first authentication a pparatus . 

73. An authentication method comprising the steps 

of: 

having an authentication apparatus divide 
15 authentication information of a user into first 

authentication information and second authentication 
information , 

providing a portable memory device storing said 
second authentication information to said user, 
20 transmitting an authentication information 

request from a terminal capable of accessing said 
portable memory device to said authentication apparatus, 

transmitting said first authentication 
information from said authentication apparatus to said 
25 teirminal when said authentication apparatus decides said 
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authentication information request is by a legitimate 
user, and 

having said terminal restore said 
authentication information by using said first 
5 authentication information received from said 

authentication apparatus and said second authentication 
information read from said portable memory device. 

=h^. All ^authentication m e thod as set forth in claim 

^73-7 — wherein 

10 said authenticati o n Information r eq uest 

includes transmission d e stination informati o n d e si g nating 
a d e stinati o n of transmissi o n of said first 
authentication in for mati o n , — and 

said authentication a p paratus trans mits said 

15 first auth e ntication informati o n to — said t e rminal 

designated by said - transmissi o n destination informati o n. 

'TEr-. An authentication method as s e t forth in claim 

=1-^, — wherein said authentication apparatus st o r e s 
transmissi o n destination information c o rr e spondin g to 
20 said user in advanc e and d e cides that said authenticati o n 
information re q u e st is by th e le g itimate user when said 
transmission destination informati o n included i n said 
authentication information request is p rese nt in — the 
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=h3-, — wh e rein said - b e rminal stores said r e ceived first 
authentication information and restores said 
authenticati o n inf o rmation w hen decidin g that sa id first 
authenticati o n information receiv e d fr o m said 
authenticati o n apparatus and said second authentication 
inf o rmation r e ad fr o m said p o rtaJale memory d evice 
co rr e sp o nd. 

An ,authen L icatiun method as s e t l o rth la claim 

73, wherein said t e rminal transmits t o said 
authentication ap p aratus a notificati o n indi eaLing that 
said first authentication information r e c e ived from said 
authenticati o n a p paratus and said second auth entication 
Inf o rmation r e ad from said portatbl e mem o r y do not 
corr e sp o nd wh e n — thdrs — is — the case . 

^e-^ An authenticati o n meth o d as set forth in claim 

73, wherein said authenticati o n a p paratus genera tes said 
authentication information in r e s po ns e to a r e qu est from 
said user . 

9^-; AiT authentication method as set for Lh in claim 

9-3-^ — w herein said authenticati o n Informati o n is 
informati o n produced by using a public ke y encryption. 

e^-: An authentication method as set forth i n claim 

73, wherein said portaJale memory device is a smart card. 

81 . An authentication method comprising the steps 

of: 
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generating authentication information, 
dividing said authentication information into 

first authentication infoannation and second 

authentication information, 
5 providing a portable memory device storing said 

second authentication information to a user, and 
transmitting said first authentication 

information to a transmission destination designated by 

said authentication information request when deciding 
10 that the received authentication information request is 

by a legitimate user. 

82 . An. authentication method as set forth in claim 
81, further comprising the steps of: 

storing in advance transmission destination 
15 information corresponding to the user and 

deciding that said authentication information 
request is by a legitimate user when said transmission 
destination information included in said authentication 
information request is present in said stored 
20 transmission destination information. 

83 . An authentication method as set forth in claim 
81 , wherein said authentication information is 

inf oannation produced using public key encryption . 

84. An authentication method as set forth in claim 
25 81, wherein said portable memory device is a smart card. 
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85. An authentication apparatus comprising: 
a controlling means for generating 

authentication information, dividing said authentication 

information into first authentication information and 
5 second authentication inf oirmation , and deciding whether 

or not the received authentication information request is 

by a legitimate user, 

a writing means for writing said second 

authentication information into a portable memory device, 
10 a receiving means for receiving said 

authentication information request from a user of said 

portable memory device, and 

a transmitting means for transmitting said 

first authentication information to a transmission 
15 destination designated by said authentication information 

request when it is decided that said authentication 

infoirmation request is by a legitimate user. 

86. An authentication apparatus as set forth in 
claim 85 , further comprising 

20 a storage means for storing in advance 

transmission destination information corresponding to the 
user is further provided and 
wherein 

said controlling means decides that said 
2 5 authentication infoimiation request is by a legitimate 
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user when said transmission destination inf oirmation 
included in said authentication information request is 
present in said stored transmission destination 
information . 

5 87 . An authentication apparatus as set forth in 

claim 85, wherein said authentication information is 
information produced using public key encryption. 

BB-. All , auth e nticati o n apparatus as set forth in 

c laim 05, — wherein said p orteJale mem o ry d e vice Is a smart 
10 card. 

89. A communication apparatus comprising: 

a receiving means for receiving a request 
including personal identification information for 
identifying a user, 
15 a storage means for storing said personal 

identification information and information of a 
transmission destination for transmitting a processing 
result in correspondence, 

a processing means for performing predeteirmined 
20 processing in response to said request, and 

a transmitting means for reading information of 
said transmission destination corresponding to said 
personal identification information included in said 
request from said storage means and transmitting the 
25 result of said processing to the transmission destination 



specified by the related read information of said 
transmission destination. 

90 . A communication apparatus as set forth in claim 
89, wherein 

5 said receiving means receives a request 

including encrypted personal identification information, 
and 

said communication apparatus further comprises 
a decrypting means for decrypting said personal 
10 identification information included in said received 
request . 

91 . A communication apparatus as set forth in claim 
89, wherein said personal identification information is 
an identifier assigned to the user registered in the 

15 communication apparatus in advance. 

92 . A communication apparatus as set forth in claim 
89, wherein the information of the transmission 
destination for transmitting the result of said 
processing is information provided by the transmitting 

20 side of said request to the related communication 
apparatus off-line . 

93 . A communication apparatus as set forth in claim 
89, wherein the information of the transmission 
destination for transmitting said predetermined result is 

25 personal identification information for unambiguously 
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identifying said, user in the network with the related 
communication apparatus connected thereto . 

94 . A communication apparatus as set forth in claim 
89, wherein said processing is authentication processing. 
5 95 . A communication system comprising 

a first communication apparatus and 
a second communication apparatus connected via 
a network, wherein 

said first communication apparatus comprises : 
10 a first receiving means for receiving a request 

including personal identification information for 
identifying a user, 

a storage means for storing said personal 
identification information and information of a 
15 transmission destination for transmitting a processing 
result in correspondence, 

a processing means for performing predetermined 
processing in response to said request, and 

a first transmitting means for reading the 
20 information of said transmission destination 

corresponding to said personal identification information 
included in said request from said storage means and 
transmitting the result of said processing to the 
transmission destination specified by the related read 
25 infonnation of said transmission destination and wherein 
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said second communication apparatus comprises : 
a second transmitting means for transmitting 
said request to said first communication apparatus, 
a second receiving means for receiving the 
5 result of said processing from said first communication 
apparatus , and 

an outputting means for outputting the result 
of the related received authentication processing. 

A c o mmunication ap p aratus as set forth in claim 

10 ^5-, — wherein 

said first r e ceivin g means o f sai d first 

coim t iunicati o n apparatus r e c e ives said re quest including 
encry p ted personal identification informati o n, — and 

said first c o mmunication apparatus further 

15 comprises a decry p ting means for decry p tin g said personal 
identification information included in said re ceived 
r e quest . 

A c o mmunication ap p aratus as s e t forth in claim 

^S-, — wherein said p e r sonal identification infor mation is 
20 an id e ntifier assi g ned t o the user re g istered in the 
rirst co i imiunicati o n a pp aratus in advance. 

^e-: A c o mmunicati o n a p paratus as s e t forth in claim 

— wh e rein the information of the tr ansmission 
destination f o r t r ansmitting the result of said 
25 pr o cesbin g is informati o n pr o vided by — the user of said 



- 39 - 



s e cond c o mmunica - bion a pp aratus — to — the — related, first 
c o mmunicati o n apparatus off - line. 

99-. A co mmunication apparatus as set f o rth in claim 

95, wher e in the information o f the transmission 
5 destination f or — transmittin g said predetermined r e sult is 
p ersonal identification informati o n for unambiguously 
identifyin g said user in th e network with the r e lated 
first communicati o n — a pp aratus — co nnected th e ret o . 
100. A communication method using a first 
10 communication apparatus and a second communication 
apparatus connected via a network, 

said communication method comprising the steps 

of: 

transmitting a request including personal 
15 identification information for identifying a user from 
said second communication apparatus to said first 
communication apparatus , 

having said first communication apparatus 
perform predetermined processing in response to said 
20 request, and 

having said first communication apparatus refer 
to a correspondence of said personal identification 
information and information of a transmission destination 
for transmitting the result of the processing produced in 
25 advance and transmit a result of said processing to the 
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transmission destination specified by information of the 
transmission destination corresponding to said personal 
identification information included in said request. 

101. A communication method as set forth in claim 
5 100, further comprising the step of having said second 

communication apparatus output the results of said 
processing received from said first communication 
apparatus . , 

102. A communication method as set forth in claim 
10 100, further comprising the step of having said first 

communication apparatus receive said request including 
encrypted personal identification information and decrypt 
said personal identification information included in said 
received reply - 

15 103. A communication method as set forth in claim 

100, wherein said personal identification information is 
an identifier assigned to a user registered at said first 
communication apparatus in advance . 

104. A communication method as set forth in claim 

20 100, wherein the information of the transmission 
destination for transmitting the result of said 
processing is information provided by the transmitting 
side of said request to the related first communication 
apparatus off-line . 

25 105. A communication method as set forth in claim 



100, wherein the information of the transmission 
destination for transmitting said predete2rmined result is 
personal identification information for unambiguously 
identifying said user in the network with the related 
5 first communication apparatus connected thereto . 

106. An authentication apparatus for authenticating 
a transaction performed between at least two parties via 
a network , , 

said authentication apparatus comprising: 
10 a first receiving means for receiving a first 

request including personal key information of a first 
transactor and information indicating a transaction 
content from said first transactor, 

a first authenticating means for authenticating 
15 a legitimacy of said first transactor based on said 

personal key information included in said first request 
and generating first authentication information, 

a first transmitting means for transmitting a 
second request including information obtained by deleting 
20 the personal key information of said first transactor 
from said first request and including said first 
authentication information to a second transactor, 

a second receiving means for receiving a reply 
with respect to said second request from said second 
25 transactor, 



a second authenticating means for 
authenticating a legitimacy of said second transactor and 
generating second authentication information, 

a second transmitting means for transmitting 
5 said second authentication information to said first 
transactor , 

an identification information issuing means for 
issuing transaction identification information when 
receiving said first request, and 
10 a log managing means for managing a log of the 

reception of said first request, transmission of said 
second request, and the reception of said reply by using 
said transaction identification information. 

107 . An authentication apparatus as set forth in 
15 claim 106, wherein said transaction log managing means 

generates log information for each of the reception of 
said first request, transmission of said second request, 
and reception of said reply and stores the related log 
information relating to said transaction identification 
20 information. 

108 . An authentication apparatus as set forth in 
claim 106, wherein said transmitting means transmits a 
second request further including said transaction 
identification infoirmation to said second transactor. 

25 109. An authentication apparatus as set forth in 
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claim 106, wherein said second authenticating means 
authenticates the legitimacy of said reply based on said 
transaction identification information included in said 
reply and said log managed by said transaction log 
5 managing means . 

110. An authentication apparatus as set forth in 
claim 106, 

further comprising an account processing means 
for perfoirming the account processing concerned in said 
10 transaction, and 
wherein 

said transaction log managing means stores log 
information indicating that the account processing is 
terminated in correspondence with said transaction 
15 identification information after the end of said account 
processing. 

111. An authentication apparatus as set forth in 
claim 106, wherein the personal key information of said 
first transactor is information relating to the charging 

20 of said first transactor. 

112 . An authentication system for authenticating a 
transaction performed between at least two parties via a 
network , 

said authentication system comprising 
25 a first communication apparatus used by a first 
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transactor , 

a second communication apparatus used by a 
second transactor, and 

an authentication apparatus for authenticating 
5 said transaction, wherein 

said authentication apparatus comprises : 
a first receiving means for receiving a first 
request including personal key information of said first 
transactor and including an information indicating the 
10 transaction content from said first transactor, 

a first authenticating means for authenticating 
a legitimacy of said first transactor based on said 
personal key information included in said first request 
and generating first authentication information, 
15 a first transmitting means for transmitting a 

second request including information obtained by deleting 
the personal key information of said first transactor 
from said first request and including said first 
authentication information to said second transactor, 
20 a second receiving means for receiving a reply 

with respect to said second request from said second 
transactor , 

a second authenticating means for 
authenticating a legitimacy of said second transactor in 
25 accordance with said reply and generating second 



authentication information, 

a second transmitting means for transmitting 
said second authentication information to said first 
transactor , 

5 a transaction identification information 

issuing means for issuing transaction identification 
information when receiving said first request, and 

a transaction log managing means for managing a 
log of the reception of said first request, transmission 
10 of said second request, and the reception of said reply 
by using said transaction identification information. 

113. An authentication method for authenticating a 
transaction performed between at least two parties via a 
network , 

15 said authentication method comprising the steps 

of: 

receiving a first request including personal 
key information of a first transactor and including 
information indicating a transaction content from said 
20 first transactor, 

issuing transaction identification information 
in accordance with the related reception, 

authenticating a legitimacy of said first 
transactor based on said personal key information 
2 5 included in said first request and generating first 



authentication information, 

transmitting a second, request including 
information obtained by deleting the personal key- 
information of said first transactor from said first 
5 request and including said first authentication 
information to said second transactor, 

receiving a reply with respect to said second 
request from, said second transactor, 

authenticating a legitimacy of said second 
10 transactor in accordance with said reply and generating 
second authentication information, 

transmitting said second authentication 
information to said first transactor, and 

managing a log of the reception of said first 
15 request, transmission of said second request, and the 
reception of said reply by using said transaction log 
information . 

114. An authenticati o n method as set forth in claim 
113 , — further c o mprisin g the step of ge ne r atin g lo g 
20 information f o r each of the recepti o n o f said first 

r eq u e st, — transmission of said second re q uest, — and the 
reception of said re p ly and storing th e r e lated l og 
Information in corres po ndence with said transacti o n 
id e ntification inf o rmation. 
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114 , — furth e r comprisin g th e ste p of transmittin g a second 
request furthe r includin g said t r ansaction identificati o n 
information — to — said second transact o r . 

IIG. An authentication method as set forth in claim 
114 , — furth e r c o mprisin g th e st ep of authenticatin g the 
le g itimacy of said reply based on said transacti o n 
id e ntification informati o n includ e d in said r ep ly and 
said lo g manag e d by said transaction l og mana g in g means . 

117. An authentication m e thod as set forth in claim 
114 , — further c o mprisin g th e ste p s - o f 

p e rf o rmin g th e account processing concerned in 



transaction and 



storing log information indicating that th e 
L -o cessin g is — terminat e d in c o rr e s p ond e nce w ith 



identification information after the e nd 



o f said acc o unt p rocessing. 

110. An authentication m e th o d as 



114 , — further comprisin g the ste p s of 

rec e iving said reply including p ers o nal key 

inf o rmation of said second transacto r and 

authenticatin g the legitimacy o f said s e cond 

transactor based on the personal key information o f said 
second transactor . 

11 9 . An authentication method as set forth in claim 
110, — w herein th e pe rs o nal key information of said f irst 
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transactor is information, relatin g t o the char g in g of 
said first transactor and the pe rs o nal key inf o rmation o f 
said second transactor is Information relatin g t o the 
char g ing of said second transactor . 

5 120. A communication control apparatus for 

controlling communication processing carried out in a 
second communication apparatus on a network in response 
to a request, from one or more first communication 
apparatuses , 

10 said communication control apparatus 

comprising : 

a storage means for storing apparatus 
identification inf onnation for identifying said first 
communication apparatus , 

15 a transmitting means for transmitting a request 

including said apparatus identification information 
corresponding to the related first communication 
apparatus to said second communication apparatus in 
response to the request from said first communication 

20 apparatus, 

a receiving means for receiving a reply 
including the apparatus identification information for 
identifying the transmitting apparatus of said request 
from said second communication apparatus , and 
25 a controlling means for deciding if said 
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request corresponding to said received reply is by a 
legitimate first coinmunication apparatus whose apparatus 
identification information is stored in said storage 
means based on whether or not said apparatus 
5 identification information included in said reply and 

said apparatus identification information stored in said 
storage means coincide. 

121. A communication control apparatus as set forth 
in claim 120, wherein said controlling means sends a 

10 predetermined notification to said second coinmunication 
apparatus when said apparatus identification information 
included in said reply and said apparatus identification 
information stored in said storage means do not coincide . 

122 . A communication control apparatus as set forth 
15 in claim 120, wherein said controlling means sends a 

predetermined notification to an apparatus of the 
destination of a transaction where the result of 
processing included in said reply is used when said 
apparatus identification information included in said 
20 reply and said apparatus identification information 
stored in said storage means do not coincide. 

123. A communication control apparatus as set forth 
in claim 120, wherein said transmitting means transmits 
said request including personal identification 

25 information received from said first communication 
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apparatus and including said apparatus identification 
information corresponding to the related first 
communication apparatus to said second communication 
apparatus . 

5 124 . A communication control apparatus as set forth 

in claim 120, wherein said storage means stores said 
apparatus identification information received from said 
first communication apparatus . 

125 . A communication control apparatus as set forth 
10 in claim 124, wherein said storage means stores said 

apparatus identification information received from said 
first communication apparatus when a power of the related 
communication control apparatus is turned on. 

126. A communication control apparatus as set forth 
15 in claim 120, wherein said controlling means writes a 

communication log between said first communication 
apparatus and said second communication apparatus in said 
storage means . 

127 . A communication control apparatus as set forth 
20 in claim 120, wherein said controlling means transmits 

the processing result of said second communication 
apparatus included in said reply to said first 
communication apparatus of the transmission destination 
of said request. 
25 128. A communication control apparatus as set forth 



in claim 120, wherein said controlling means controls the 
communication so that said first communication apparatus 
in a stand-by state enters an operating state in 
accordance with the infoirmation received from said 
5 receiving means . 

129. A communication control apparatus as set forth 
in claim 120, wherein said controlling means controls the 
communication between a network to which said first 
communication apparatus is connected and a network to 

10 which said second communication apparatus is connected. 

130. A communication control apparatus as set forth 
in claim 120, wherein said controlling means perfoinns 
processing as a gateway. 

131 . A communication control apparatus as set forth 
15 in claim 120, wherein said apparatus identification 

information is an identifier that can unambiguously 
identify the related communication apparatus assigned by 
the manufacturer of said first communication apparatus . 

132 . A communication control apparatus as set forth 
20 in claim 120, wherein said personal identification 

information is an identifier assigned to a registered 
user in advance. 

133 . A communication control apparatus as set forth 
in claim 120 , wherein said receiving means receives said 

25 reply including the result of authentication processing 
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performed by said second communication apparatus from 
said second communication apparatus . 

134 . A communication system for controlling at a 
coiranunication control apparatus communication relating to 
5 processing carried out at a second communication 

apparatus on a network in response to a request from one 
or more first communication apparatuses , wherein 

said communication control apparatus comprises : 
a first storage means for storing apparatus 
10 identification information for identifying said first 
communication apparatus , 

a first transmitting means for transmitting a 
request including said apparatus identification 
information corresponding to the related first 
15 communication apparatus and including personal 

identification information to said second communication 
apparatus in response to the request from said first 
communication apparatus , 

a first receiving means for receiving a reply 
20 including the apparatus identification information for 
identifying the transmitting apparatus of said request 
from said second communication apparatus , and 

a controlling means for deciding if said 
request corresponding to said received reply is by a 
2 5 legitimate first communication apparatus whose apparatus 
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Identification information is stored in said first 
storage means based on whether or not said apparatus 
identification information included in said reply and 
said apparatus identification information stored in said 
5 first storage means coincide and wherein 

said second communication apparatus comprises : 
a second receiving means for receiving said 
request, r 

a second storage means for storing said 

10 request, 

a second storage means for storing said 
personal identification information and information of a 
transmission destination for transmitting a processing 
result in correspondence , 

15 a processing means for performing predetermined 

processing in response to said request, and 

a second transmitting means for reading the 
information of said transmission destination 
corresponding to said personal identification information 

20 included in said request from said second storage means 
and transmitting the result of said processing and said 
apparatus identification information included in said 
request in correspondence to the transmission destination 
specified by the related read transmission destination 

25 inf oannation . 
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135 . A communication method for controlling at the 
communication control apparatus communication relating to 
processing carried out at a second communication 
apparatus on a network in response to a request from one 
5 or more first communication apparatuses , 

said communication method comprising the steps 

of: 

transmitting a request including apparatus 
identification information corresponding to the related 

10 first communication apparatus and including personal 
identification information from said communication 
control apparatus to said second communication apparatus 
in response to the request issued from said first 
communication apparatus to said communication control 

15 apparatus, 

having said second communication apparatus 
perform predetermined processing in response to said 
received request, 

having said second communication apparatus 

20 transmit a reply including the result of said processing 
and including said apparatus identification infoirmation 
included in said request to said communication control 
apparatus based on the information of the transmission 
destination corresponding to said personal identification 

2 5 information included in said request, and 



having said communication control apparatus 
decide if said request corresponding to said received 
reply is by a legitimate first communication apparatus 
based on whether or not said apparatus identification 
5 information included in said received reply and said 
apparatus identification information of said first 
communication apparatus held in advance coincide . 

136. A communication method as set forth in claim 
135, wherein said communication control apparatus sends a 

10 predetermined notification to said second communication 
apparatus when said apparatus identification information 
included in said received reply and said apparatus 
identification information of said first communication 
apparatus held in advance do not coincide . 

15 137 . — A communicati o n method as — s e t forth in claim 

135, — wherein said communication contr o l apparatus s e nds a 
p redet e rmined notificati o n to an apparatus of a 
destination of the transaction whe r e th e r e sult of 
pr o c e ssin g includ e d in the reply is used when said 

20 a pp aratus identification information included in said 
received reply and said a p paratus identification 
Information of said first communication apparatus h e ld in 
advanc e do n o t coincid e . 

138 . An authentication apparatus for performing 

2 5 authentication processing in response to an 
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authentication request, 

said authentication apparatus comprising: 
a receiving means for receiving said 
authentication request including personal identification 
5 information for identifying a user and including 

apparatus identification information for identifying a 
transmitting apparatus of said authentication request, 

a storage means for storing said personal 
identification information and the information of the 
10 transmission destination for transmitting an 
authentication result in correspondence, 

an authentication processing means for 
performing authentication processing in response to said 
authentication request, and 
15 a transmitting means for reading the 

information of said transmission destination 
corresponding to said personal identification information 
included in said authentication request from said storage 
means and transmitting the result of said authentication 
20 processing and said apparatus identification information 
included in said authentication request in correspondence 
to the transmission destination specified by the related 
read transmission destination information . 

139. An authentication apparatus as set forth in 
2 5 claim 138, wherein 



said receiving means receives said 
authentication request including encrypted personal 
identification information and apparatus identification 
information, and 
5 said authentication apparatus further comprises 

a decrypting means for decrypting said personal 
identification information and said apparatus 
identification information included in said received 
authentication request. 

10 140. An authentication apparatus as set forth in 

claim 138, wherein said receiving means receives said 
authentication request further including third 
identification information used for the charge processing 
relating to said user . 

15 141 . An authentication apparatus as set forth in 

claim 138, wherein said personal identification 
information is an identifier assigned to a registered 
user in advance . 

142 . An authentication apparatus as set forth in 
20 claim 138, wherein said apparatus identification 

information is an identifier capable of unambiguously 
identifying the related apparatus assigned by the 
manufacturer of said apparatus . 

143 . An authentication apparatus for performing 
25 authentication processing relating to a transaction 
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performed via a network, 

said authentication apparatus comprising: 
a receiving means for receiving an 
authentication request by a user engaging in a 
5 transaction including personal identification information 
for identifying the user, transaction information 
indicating content of the transaction, and apparatus 
identification information for identifying a transmitting 
apparatus of said authentication request, 

10 a storage means for storing said personal 

identification information and information of a 
transmission destination for transmitting the 
authentication result in correspondence, 

an authentication processing means for 

15 transmitting said transaction information included in 

said received authentication request to an apparatus of 
the user designated by said authentication request and 
performing predetermined authentication processing in 
accordance with a reply from the apparatus of the related 

20 designated user, and 

a transmitting means for reading the 
information of said transmission destination 
corresponding to said personal identification information 
included in said authentication request from said storage 

25 means and transmitting the result of said authentication 



processing and said apparatus identification information 
included in said authentication request in correspondence 
to the transmission destination specified by the related 
read transmission destination information. 
5 144. An authentication apparatus as set forth in 

claim 143, wherein said authentication processing means 
attaches signature information indicating the 
authentication result of the related authentication 
apparatus to said transaction information and transmits 

10 the same to the apparatus of said designated user and 
generates signature information of the related 
authentication apparatus of the result of said 
authentication processing in accordance with the reply 
from said designated user . 

15 145. An authentication apparatus as set forth in 

claim 143, wherein said storage means stores log 
information of transactions between the user issuing said 
authentication request and said designated user . 

146. An authentication apparatus as set forth in 

20 claim 143, wherein 

said receiving means receives said 
authentication request including encxypted personal 
identification information and apparatus identification 
information, and 

25 said authentication apparatus further comprises 
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a decrypting means for decrypting said personal 
identification information and said apparatus 
identification information included in said received 
authentication request. 
5 147 . An authentication apparatus as set forth in 

claim 143, wherein said receiving means receives said 
authentication request further including third 
identification information used for the charge processing 
relating to said user. 

10 148 . An authentication apparatus as set forth in 

claim 143, further comprising a charge processing means 
for performing charge processing for the authentication 
relating to said transaction. 

149. A processing apparatus for requesting 

15 authentication relating to a transaction performed via a 
network , 

said processing apparatus comprising: 
a transmitting means for transmitting said 
authentication request including personal identification 
20 information for identifying a user and apparatus 

identification information for identifying a related 
processing apparatus, 

a receiving means for receiving an 
authentication reply including identification information 
25 for identifying a transmitting apparatus of the 



- 61 - 



authentication request, and 

a controlling means for deciding whether or not 
said personal identification infoinnation and the 
identification information included in said 
5 authentication reply coincide. 

150 . A processing apparatus as set forth in claim 
149, wherein said controlling means sends a predetermined 
notification , to the transmitting side of said 
authentication reply when deciding that said apparatus 

10 identification information and the identification 

information included in said authentication reply do not 
coincide . 

151 . A processing apparatus as set forth in claim 
149, wherein said controlling means sends a predetermined 

15 notification to the apparatus of the destination of 
transaction where the result of the related 
authentication included in said authentication reply is 
used when deciding that said apparatus identification 
information and the identification information included 

20 in said authentication response do not coincide. 

152 . An authentication system comprising a 
processing apparatus and an authentication apparatus 
connected via a network, wherein 

said authentication apparatus comprises : 
25 a receiving means for receiving an 



authentication request including personal identification 
information for identifying a user and apparatus 
identification information for identifying a transmitting 
apparatus of said authentication request, 
5 a storage means for storing said personal 

identification information and information of a 
transmission destination for transmitting the 
authentication result in correspondence, 

an authentication processing means for 

10 performing authentication processing in response to said 
authentication request, and 

a transmitting means for reading the 
information of said transmission destination 
corresponding to said personal identification information 

15 included in said authentication request from said storage 
means and transmitting an authentication reply including 
the result of said authentication processing and said 
apparatus identification information included in said 
authentication request to the transmission destination 

2 0 specified by the related read transmission destination 
information and wherein 

said processing apparatus comprises: 
a transmitting means for transmitting said 
authentication request including said personal 

25 identification information and said apparatus 
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identification information for identifying the related 
processing apparatus, 

a receiving means for receiving said 
authentication reply, and 
5 a controlling means for deciding whether or not 

said apparatus identification inf oinnation of the related 
processing apparatus and said apparatus identification 
information included in said authentication reply 
coincide . 

10 153. All auth e ntication system as set forth in claim 

152 , — wherein said processing apparatus sends a 
p xed e termin e d notification t o the transmittin g ap p aratus 
o f the authentication reply when deciding that the 
identification information includ e d i n said 

15 authentication reply does noL coincide. 

154 ■ An auth e nticati o n syst e m as set forth in claim 
152 , — w herein said processing a p paratus sends a 
p redetermined n o tification to the apparatus of the 
destination of transacti o n wh e re the r e sult o f said 

20 authentication included in said authentication reply is 
us e d when decidin g — that the identification in formation 
included in said authentication re p ly does n o t coi ncide. 

155 . An authentication method using a processing 
apparatus and an authentication apparatus connected via a 

25 network, 



said authentication method comprising the steps 

of: 

transmitting an authentication request 
including personal identification information for 
5 identifying a user and apparatus identification 
information for identifying a related processing 
apparatus from said processing apparatus to said 
authentication apparatus , 

performing authentication processing in 

10 response to said authentication request at said 
authentication apparatus , 

transmitting an authentication reply including 
the result of said authentication processing and said 
apparatus identification infoirmation included in said 

15 authentication request to said processing apparatus 
specified by the information of said transmission 
destination corresponding to said personal identification 
information included in said authentication request from 
said authentication apparatus , and 

2 0 having said processing apparatus decide whether 

or not said apparatus identification information included 
in said authentication reply received from said 
authentication apparatus, said apparatus identification 
information of the related processing apparatus , and said 

25 apparatus identification information included in said 
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authentication reply coincide . 

156. An authentication method as set forth in claim 
155, wherein said processing apparatus sends a 
predetermined notification to said authentication 

5 apparatus when deciding that the identification 

information included in said authentication reply does 
not coincide . 

157. An » authentication method as set forth in claim 
155, wherein said processing apparatus sends a 

10 predetermined notification to the apparatus of the 
destination of transaction where the result of said 
authentication included in said authentication reply is 
used when deciding that the identification information 
included in said authentication reply does not coincide. 

15 158. An information storage method comprising of the 

steps of 

dividing predetermined infoannation into a 
plurality of modules each independently maintaining 
confidentiality of the predetermined information and 
20 storing said plurality of modules on storage 

media different from each other or in different regions 
of an identical storage medi\am. 

159. An information st o ra g e meth o d as set forth in 
claim 150, wherein the plurality of storag e media 
25 different fr o m each other and with said p l urality of 
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modules stor e d thereon ar e storag e media p hysically 
inde p endent from each oth e r. 

IGO. An information st o rage meth o d as set forth in 
claim 150, — wh e rein 
5 said predet e rmin e d information is encry p t e d, 

th e information o btained by the related 

e ncry p tion is divided into said p lurality o f modules e ach 
indep e ndently maintainin g — the c o nfidentiality of — the 
10 p redet e rmined information . 

IGl. An inf o rmation storage method as s e t forth in 
claim 150, — wh e rein 

said plurality o f modules ar e encrypted, — and 

the p lurality o f modules obtained by the 

15 encry p ti o n ar e stor e d on storage media differ e nt from 
each other o r -in different r e gions — of an id e ntical 
sto r a g e meditmi. 

162 . An information restoration method comprising 
the steps of: 

2 0 reading modules from a plurality of storage 

media or different regions of an identical storage medium 
when a plurality of modules each independently 
maintaining confidentiality of the predetermined 
information are stored on a plurality of storage media 

25 different from each other or in different regions of an 
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identical storage medivim and 

combining the related read modules to restore 
said predetermined information. 

163. An information restoration method as set forth 
5 in claim 162, wherein the plurality of storage media 

different from each other and with said plurality of 
modules stored therein are storage media physically 
independent from each other. 

164. An information restoration method as set forth 
10 in claim 162, wherein said read modules are combined and 

then decrypted to restore said predetermined information. 

165. An information restoration method as set forth 
in claim 1G2, — wh e r e in said read modules are decrypted and 
th e n combined to restore — said p redetermined informati o n . — 

15 166. An information storage device comprising 

an information dividing means for dividing said 
predetermined information into a plurality of modules 
each independently maintaining the confidentiality of the 
predetermined information and 

20 a writing means for writing said plurality of 

modules on storage media different from each other or in 
different regions of an identical storage medium. 

167. An information storage device as set forth in 
claim 166, wherein said plurality of storage media 

25 different from each other on which the plurality of 
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modules are stored are storage media physically 
independent from each other . 

168. An information storage device as set forth in 
claim 166, wherein 

5 said device further comprises an encrypting 

means for encrypting said predetermined information and 

said information dividing means divides the 
information obtained by the encryption into said 
plurality of modules each independently maintaining the 
10 confidentiality of the predetermined information. 

169. An information storage device as set forth in 
claim 166, wherein 

said device further comprises an encrypting 
means for encrypting said plurality of modules and 
15 said writing means writes the plurality of 

modules obtained by the encryption in storage media 
different from each other or in different regions of an 
identical storage medium. 

170. An information restoration device comprising 
20 a reading means for reading modules from a 

plurality of storage media or different regions of an 
identical storage medium when a plurality of modules each 
independently maintaining the confidentiality of the 
predetermined information are stored on a plurality of 
25 storage media different from each other or in the 
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different regions of the identical storage medium and 

an infoiOTation combining means for combining 
the related read modules to restore said predeteanxiined 
information . 

5 171 . An information restoration device as set forth 

in claim 170, wherein said plurality of storage media 
different from each other on which the plurality of 
modules are stored are storage media physically 
independent from each other. 
10 172. An information restoration device as set forth 

in claim 170, further comprising a decrypting means for 
decrypting the information obtained by combining the 
modules . 

173. An information restoration device as set forth 
15 in claim 170, wherein 

said device further comprises a decrypting 
means for decr3fpting said read modules and 

said information combining means combines said 
decrypted modules to restore said predetermined 
20 information. 

174. A computer readable storage medium storing one 
module among a plurality of modules when predetermined 
information is divided into a plurality of modules each 
independently maintaining the confidentiality of the 

25 predetermined information. 



